fenom-template/fenom

Releases38

Frequency3 months 3 weeks

Last Release about 2 months ago

Stars443

Template Engine for PHP.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2021-46433 ↗	Mar 28, 2022Monday, 28 March 2022, 11:15	10 CRITICAL	6.8 MEDIUM
In fenom 2.12.1 and before, there is a way in fenom/src/Fenom/Template.php function getTemplateCode()to bypass sandbox to execute arbitrary PHP code when disable_native_funcs is true.