Zhangxinyu06

Name of the Vulnerable Software and Affected Versions AntaresMugisho PyBlade versions 0.1.8-alpha through 0.1.9-alpha Description A flaw exists in the AST Validation component of AntaresMugisho PyBlade. Specifically, the ` is safe ast` function within the `sandbox.py` file is susceptible to improper neutralization of special elements used in a template engine. This allows for remote attacks. The exploit has been publicly disclosed. Recommendations Update to a newer version of AntaresMugisho PyBlade that addresses this issue. As a temporary workaround, consider restricting access to the `sandbox.py` file or disabling the ` is safe ast` function until a patch is available.