[HIGH] PHP Code Injection by malicious block or filename

PKSA-6y8p-nrf4-ysf5 CVE-2022-29221 GHSA-634x-pc3q-cf4c

Affected package: smarty/smarty

Affected version: <3.1.45|>=4.0.0,<4.1.1

Reported by:
GitHub, FriendsOfPHP/security-advisories