CVE-2012-4277

Cross-site scripting (XSS) vulnerability in the smarty_function_html_options_optoutput function in distribution/libs/plugins/function.html_options.php in Smarty before 3.1.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Date published : 2012-08-13

http://code.google.com/p/smarty-php/source/detail?r=4612

http://smarty-php.googlecode.com/svn/trunk/distribution/change_log.txt