Name of the Vulnerable Software and Affected Versions Silverstripe Framework (affected versions not specified)

Description The issue allows arbitrary global functions to be executed if malicious user input is passed through as the second argument of ViewableData::renderWith. This occurs when the second argument resolves associative arrays as template placeholders. The exploit requires user code to utilize the second argument in renderWith and pass user input directly as a value in an associative array without proper sanitization, such as using Convert::raw2xml(). It is noted that ViewableData::customise is not affected by this issue.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.