Ivanovic

**Name of the Vulnerable Software and Affected Versions** Wesnoth versions 1.4.x through 1.5.10 **Description** The issue allows remote attackers to escape the sandbox and execute arbitrary code by utilizing a whitelisted module that imports an unsafe module, and then accessing the unsafe module through the whitelisted module using a hierarchical module name. **Recommendations** For versions 1.4.x through 1.5.10, update to version 1.5.11 or later to resolve the issue.