Security Advisory

CVE-2021-23803

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-12-17 20:05:25

Last updated 2024-09-16 17:48:03

Assigner snyk

State PUBLISHED

Description

This affects the package latte/latte before 2.10.6. There is a way to bypass allowFunctions that will affect the security of the application. When the template is set to allow/disallow the use of certain functions, adding control characters (x00-x08) after the function will bypass these restrictions.

← Browse all CVEs View on cve.org ↗