Template authors could run arbitrary PHP code by crafting a malicious math string. If a math string is passed through as user provided data to the math function, external users could run arbitrary PHP code by crafting a malicious math string.
Please upgrade to 4.0.2 or 3.1.42 or higher.
See documentation on Math function.
If you have any questions or comments about this advisory please open an issue in the Smarty repo
{ "nvd_published_at": "2022-01-10T20:15:00Z", "cwe_ids": [ "CWE-74" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2022-01-10T22:08:56Z" }