AI Score
Confidence
High
EPSS
Percentile
53.3%
In fenom 2.12.1 and before, there is a way in fenom/src/Fenom/Template.php function getTemplateCode()to bypass sandbox to execute arbitrary PHP code when disable_native_funcs is true.
github.com/fenom-template/fenom/issues/331