Fenom Project: Security Vulnerabilities
In fenom 2.12.1 and before, there is a way in fenom/src/Fenom/Template.php function getTemplateCode()to bypass sandbox to execute arbitrary PHP code when disable_native_funcs is true.
CVSS Score
10.0
EPSS Score
0.003
Published
2022-03-28