Unrestricted Access to Dynamic and Private Object Members in Smarty
CVE-2010-4723 · HIGH Severity
AV:N/AC:M/AU:N/C:C/I:C/A:C
Smarty before 3.0.0, when security is enabled, does not prevent access to the (1) dynamic and (2) private object members of an assigned object, which has unspecified impact and remote attack vectors.
Learn more about our Web Application Penetration Testing UK.