CVE-2014-8350

2014-11-03T11:55:08
ID CVE-2014-8350
Type cve
Reporter NVD
Modified 2017-09-07T21:29:22

Description

Smarty before 3.1.21 allows remote attackers to bypass the secure mode restrictions and execute arbitrary PHP code as demonstrated by "{literal}<{/literal}script language=php>" in a template.