2021-02-22 01:38:15
mitre
PUBLISHED
Smarty before 3.1.39 allows code injection via an unexpected function name after a {function name= substring.