Fenom · Fenom · CVE-2021-46433
**Name of the Vulnerable Software and Affected Versions**
Fenom versions 2.12.1 and earlier
**Description**
The issue allows bypassing the sandbox to execute arbitrary PHP code when `disable_native_funcs` is true. This is possible through the `getTemplateCode()` function in `fenom/src/Fenom/Template.php`.
**Recommendations**
For Fenom versions 2.12.1 and earlier, as a temporary workaround, consider disabling the `getTemplateCode()` function until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.