It was discovered that there was a potential arbitrary file read vulnerability in twig, a PHP templating library. It was caused by insufficient validation of template names in ‘source’ and ‘include’ statements.
This article has been indexed from LinuxSecurity.com – Hybrid RSS
Read the original article: