Description
Smarty before 3.0.0 beta 7 does not properly handle the <?php and ?> tags, which has unspecified impact and remote attack vectors.
References (1)
Core 1
Core References
Various Sources x_refsource_confirm
http://smarty-php.googlecode.com/svn/trunk/distribution/change_log.txt
Scores
EPSS
0.0188
EPSS Percentile
77.0%
Details
CWE
CWE-20
Status
published
Products (43)
smarty/smarty
1.0
smarty/smarty
1.0a
smarty/smarty
1.0b
smarty/smarty
1.1.0
smarty/smarty
1.2.0
smarty/smarty
1.2.1
smarty/smarty
1.2.2
smarty/smarty
1.3.0
smarty/smarty
1.3.1
smarty/smarty
1.3.2
... and 33 more
Published
Feb 03, 2011
Tracked Since
Feb 18, 2026