The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_internal_compile_private_special_variable.php file.
Published November 20, 2019.
Smarty Smarty
Debian Debian Linux
