------------------------------------------------------------------------
Craft CMS affected by server-side template injection
------------------------------------------------------------------------
Nelson Berg & Jurgen Kloosterman, June 2016
------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
It was discovered that Craft CMS is vulnerable to server-side template injection. An authenticated attacker can exploit this issue to compromise Craft CMS, for example by retrieving sensitive data from configuration files.
------------------------------------------------------------------------
Tested versions
------------------------------------------------------------------------
All versions of Craft CMS prior to build 2791 are affected by this vulnerability.
------------------------------------------------------------------------
Fix
------------------------------------------------------------------------
Pixel & Tonic, Inc. released Craft CMS build 2791, which resolves this vulnerability. This build can easily be installed through the Control Panel. After the fix is applied, the rendering of templates is globally limited in TemplatesService.php and TwigEnvironment.php.
------------------------------------------------------------------------
Details
------------------------------------------------------------------------
https://www.securify.nl/advisory/SFY20160608/craft_cms_affected_by_server_side_template_injection.html
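The pattern behind this class of bug, shown as an added illustration that is not code from the advisory or from Craft CMS: user-controlled text compiled as Twig template source (the vulnerable form), beside two hardened forms that match the "limit template rendering" idea of the fix. It assumes the namespaced Twig 3 API installed via Composer; the sample input is constructed.

```php
<?php
// Added illustration, not Craft CMS code. Assumes Twig 3.x via Composer.
require __DIR__ . '/vendor/autoload.php';

use Twig\Environment;
use Twig\Loader\ArrayLoader;
use Twig\Extension\SandboxExtension;
use Twig\Sandbox\SecurityPolicy;

// Constructed sample: a field an authenticated user may edit, containing Twig syntax.
$userInput = 'Hello {{ 7 * 7 }}';

// VULNERABLE PATTERN: the untrusted string becomes template *source*, so every
// expression inside it is evaluated with the full environment at render time.
function renderUnsafe(Environment $twig, string $untrusted): string
{
    return $twig->createTemplate($untrusted)->render();   // "Hello 49"
}

// HARDENED 1: keep the template fixed and pass the user text as a *variable*.
// Twig auto-escapes it and never evaluates expressions contained in data.
function renderAsData(Environment $twig, string $untrusted): string
{
    return $twig->render('field.twig', ['value' => $untrusted]);   // braces stay literal
}

// HARDENED 2: where user-authored templates are a product feature, compile them only
// inside a sandbox with an explicit allow-list (here: no tags, functions, methods or
// properties, and only the "escape" filter). Disallowed use throws Twig\Sandbox\SecurityError.
function renderSandboxed(string $untrusted): string
{
    $twig   = new Environment(new ArrayLoader([]));
    $policy = new SecurityPolicy([], ['escape'], [], [], []);
    $twig->addExtension(new SandboxExtension($policy, true));   // true = sandbox every template
    return $twig->createTemplate($untrusted)->render();
}

$twig = new Environment(new ArrayLoader(['field.twig' => '<p>{{ value }}</p>']));
echo renderUnsafe($twig, $userInput), "\n";
echo renderAsData($twig, $userInput), "\n";
```

The first call shows the arithmetic being evaluated; the second prints the raw braces, which is the behaviour a defender wants for any field an authenticated user can edit.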