Mustache · Mustache · CVE-2022-0323
**Name of the Vulnerable Software and Affected Versions**
mustache/mustache versions 2.0.0 through 2.14.0
**Description**
The issue is related to the improper neutralization of special elements used in a template engine. This can lead to arbitrary PHP code execution, even when `strict callables` is set to true, if the section value is controllable.
**Recommendations**
For versions 2.0.0 through 2.14.0, update to version 2.14.1 or later to resolve the issue.