CVE-2021-26120 – Smarty before 3.1.39 allows code injection via an unexpected function name after a {functi …

Vuln ID: CVE-2021-26120

Published:  2021-02-22  02:15:14Z

Description: Smarty before 3.1.39 allows code injection via an unexpected function name after a {function name= substring.

Source: NVD.NIST.GOV