Bh-Eo

#26282 of 53,633
9.8 Total CVSS
Vulnerabilities · 1
PT-2018-12201
9.8
2018-07-10
Symfony · Twig · CVE-2018-13818
**Name of the Vulnerable Software and Affected Versions**

Twig versions prior to 2.4.4

**Description**

The issue allows Server-Side Template Injection (SSTI) via the `search key` parameter. It is noted that Twig itself is not a web application, and the responsibility of properly wrapping input to it lies with web applications using Twig.

**Recommendations**

For versions prior to 2.4.4, update to version 2.4.4 or later to resolve the issue. As a temporary workaround, consider properly wrapping input to Twig to prevent Server-Side Template Injection. Restrict access to the `search key` parameter in affected applications to minimize the risk of exploitation.