PHP Code Injection by malicious function name

High
wisskid published GHSA-3rpf-5rqv-689q Feb 21, 2021

Package

smarty/smarty (Composer)

Affected versions

<3.1.39

Patched versions

3.1.39

Description

Impact

Template authors could inject PHP code by choosing a malicious {function} name. Sites that cannot fully trust template authors should update as soon as possible.

Patches

Please upgrade to 3.1.39 or higher.

References

See this article

For more information

If you have any questions or comments about this advisory, please open an issue in the Smarty repo.

Severity

High

CVE ID

CVE-2021-26120

Weaknesses

No CWEs

Credits