Matthid

**Name of the Vulnerable Software and Affected Versions** Antaris RazorEngine versions through 4.5.1-alpha001 **Description** An attacker can execute arbitrary .NET code in a sandboxed environment if users can externally control template contents. This issue affects products that are no longer supported by the maintainer. **Recommendations** For versions through 4.5.1-alpha001, consider restricting access to the IsolatedRazorEngine component to prevent external control of template contents until a supported version is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.