Assigner | mitre |
Reserved | 2024-05-04 |
Published | 2024-05-04 |
Updated | 2024-06-06 |
Description
Zenario before 9.5.60437 uses Twig filters insecurely in the Twig Snippet plugin, and in the site-wide HEAD and BODY elements, enabling code execution by a designer or an administrator.
References
https://zenar.io/zenario-9/blog/zenario-9560437-patch-released