[HIGH] Smarty vulnerable to PHP Code Injection by malicious attribute in extends-tag

PKSA-5rsx-p2fk-h2gr CVE-2024-35226 GHSA-4rmg-292m-wg3w

Affected package: smarty/smarty

Affected version: >=3.0.0,<4.5.3|>=5.0.0,<5.1.1

Reported by:
GitHub