Smarty before 3.0.0, when security is enabled, does not prevent access to the (1) dynamic and (2) private object members of an assigned object, which has unspecified impact and remote attack vectors.
CVSS Score
9.3
EPSS Score
0.004
Published
2011-02-03
Multiple unspecified vulnerabilities in the parser implementation in Smarty before 3.0.0 RC3 have unknown impact and remote attack vectors.
CVSS Score
10.0
EPSS Score
0.004
Published
2011-02-03
Page 3