CVE-2017-1000480

2018-01-03T13:29:00
ID CVE-2017-1000480
Type cve
Reporter NVD
Modified 2018-02-03T21:29:04

Description

Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch() or display() functions on custom resources that does not sanitize template name.