Medium
CVSS 6.8
Overview
The displayBlock function Template.php in Sensio Labs Twig before 1.20.0, when Sandbox mode is enabled, allows remote attackers to execute arbitrary code via the _self variable in a template.
CVE-2015-7809
The displayBlock function Template.php in Sensio Labs Twig before 1.20.0, when S...
Risk analysis
This vulnerability is rated 🟡 MEDIUM.
- CVSS: 6.8 (MEDIUM)
- Detected tags: none (tag impact: LOW)
Recommended actions:
- Prioritize remediation based on business criticality and exposure.
- Limit exposure and increase monitoring until fixed.