CVE-2018-13982 – Smarty_Security::isTrustedResourceDir() in Smarty before 3.1.33 is prone to a path travers …

0

Vuln ID: CVE-2018-13982

Published:  2018-09-18  21:29:02Z

Description: Smarty_Security::isTrustedResourceDir() in Smarty before 3.1.33 is prone to a path traversal vulnerability due to insufficient template code sanitization. This allows attackers controlling the executed template code to bypass the trusted directory security restriction and read arbitrary files.

Source: NVD.NIST.GOV