Sandbox escape through template_object

High
wisskid published GHSA-w5hr-jm4j-9jvq Feb 21, 2021

Package

smarty/smarty (Composer)

Affected versions

<3.1.39

Patched versions

3.1.39

Description

Impact

Sandbox protection could be bypassed through access to an internal Smarty object that should have been blocked. Sites that rely on Smarty Security features should upgrade as soon as possible.

Patches

Please upgrade to 3.1.39 or higher.

References

See this article

For more information

If you have any questions or comments about this advisory, please open an issue in the Smarty repo.

Severity

High

CVE ID

CVE-2021-26119

Weaknesses

No CWEs

Credits