📦 Smarty

Name: Smarty
Author: Smarty

by Smarty

🔍 What is Smarty?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2021-26120

CRITICAL CVSS 9.8 Feb 22, 2021

CVE-2021-26120 is a critical code injection vulnerability in Smarty template engine that allows attackers to execute arbitrary PHP code via specially crafted {function name=} tags. This affects all ap...

CVE-2023-28447

HIGH CVSS 7.1 Mar 28, 2023

CVE-2023-28447 is a cross-site scripting (XSS) vulnerability in Smarty PHP template engine where JavaScript code isn't properly escaped. This allows attackers to execute arbitrary JavaScript in users'...

CVE-2022-29221

HIGH CVSS 8.8 May 24, 2022

This vulnerability in Smarty template engine allows template authors to inject PHP code through malicious {block} names or {include} file names. It affects sites where template authors are not fully t...

CVE-2021-21408

HIGH CVSS 8.8 Jan 10, 2022

CVE-2021-21408 is a vulnerability in Smarty PHP template engine that allows template authors to execute restricted static PHP methods, potentially leading to remote code execution. This affects all Sm...