2 matches found
GHSA-F3CW-HG6R-CHFV Craft CMS vulnerable to Potential Remote Code Execution via missing path normalization & Twig SSTI
Summary Missing normalizePath in the function FileHelper::absolutePath could lead to Remote Code Execution on the server via twig SSTI. Post-authentication, ALLOWADMINCHANGES=true Details Note: This is a sequel to CVE-2023-40035 In src/helpers/FileHelper.phpL106-L137, the function absolutePath...
Information disclosure
A sandbox information disclosure exists in Twig before 1.38.0 and 2.x before 2.7.0 because, under some circumstances, it is possible to call the toString method on an object even if not allowed by the security policy in place...