GHSA-8x9c-rmqh-456c: Twig: Sandbox `__toString()` policy bypass via `Traversable` in `join` and `replace` filters
A vulnerability in twig/twig before version 3.27.0 allows sandboxed template authors to bypass sandbox policy restrictions on the `__toString()` method via the `join` and `replace` filters with `Traversable` inputs, and via the `in` and `not in` operators. This bypass occurs because the sandbox policy did not recursively check `Stringable` objects inside `Traversable` containers or operands coerced to string during comparisons. The issue enables disallowed `__toString()` calls on objects reachable from the render context despite sandbox restrictions. The vulnerability is rated medium severity.
AI Analysis
Technical Summary
This vulnerability is a residual bypass of a previous fix for unguarded `__toString()` calls in twig/twig. The `SandboxExtension::ensureToStringAllowed()` method originally recursed into PHP arrays to check `Stringable` objects against the sandbox policy, but it did not materialize or check the contents of `Traversable` inputs passed to the `join` and `replace` filters. These filters later coerce the contained `Stringable` objects to strings without any policy check. Similarly, the `in` and `not in` operators use PHP's spaceship operator, which coerces `Stringable` objects to strings without sandbox checks, allowing the same bypass and a potential content leak. The fix added recursive checking of `Traversable` operands and declared the operands of `in` / `not in` as string-coerced, so the policy check runs before any string coercion.
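As an added illustration (not Twig's own code), the following PHP mirrors the two behaviours the analysis describes, with stand-in names for `SandboxExtension::ensureToStringAllowed()` and a constructed `Secret` class: an array-only check that lets a `Traversable` of `Stringable` objects through, beside a check that materializes the `Traversable` and inspects each element before a `join`-style filter can coerce it.

```php
<?php
// Added example, not Twig's code; names are stand-ins for SandboxExtension::ensureToStringAllowed().
final class SecurityPolicyError extends RuntimeException {}
final class Secret implements Stringable
{
    public function __construct(private string $value) {}
    public function __toString(): string { return $this->value; }
}
// Policy: __toString() is allowed only on the listed classes.
function isToStringAllowed(object $obj, array $allowed): bool
{
    return in_array($obj::class, $allowed, true);
}
// Before the fix: recurses into PHP arrays only. A Traversable (iterator or
// generator) of Stringable objects passes through and the filter coerces it later.
function ensureToStringAllowedBefore(mixed $value, array $allowed): mixed
{
    if (is_array($value)) {
        foreach ($value as $item) { ensureToStringAllowedBefore($item, $allowed); }
    } elseif ($value instanceof Stringable && !isToStringAllowed($value, $allowed)) {
        throw new SecurityPolicyError('__toString() denied on ' . $value::class);
    }
    return $value;
}
// After the fix: materialize any Traversable and check every element before any
// string coercion; the same check applies to both operands of in / not in.
function ensureToStringAllowedAfter(mixed $value, array $allowed): mixed
{
    if ($value instanceof Traversable) {
        $value = iterator_to_array($value, false);
    }
    if (is_array($value)) {
        return array_map(fn ($v) => ensureToStringAllowedAfter($v, $allowed), $value);
    }
    if ($value instanceof Stringable && !isToStringAllowed($value, $allowed)) {
        throw new SecurityPolicyError('__toString() denied on ' . $value::class);
    }
    return $value;
}
// join-style filter over an iterator of denied objects (constructed input):
// the old check lets implode() reach __toString(); the new one throws first.
$items = new ArrayIterator([new Secret('constructed-secret')]);
echo implode(',', iterator_to_array(ensureToStringAllowedBefore($items, []))), "\n";
try {
    implode(',', ensureToStringAllowedAfter($items, []));
} catch (SecurityPolicyError $e) {
    echo $e->getMessage(), "\n";
}
```

The empty allow-list stands in for a sandbox policy that denies `__toString()` on every class; a real policy would list the permitted classes.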
Potential Impact
Sandboxed template authors with permission to use `join`, `replace`, `in`, or `not in` can trigger disallowed `__toString()` method calls on objects in the render context, bypassing sandbox policy restrictions. This can lead to unauthorized execution of `__toString()` methods that were intended to be blocked, potentially exposing sensitive data or causing unintended side effects. The vulnerability affects sandboxed environments and can also be used as a content-leak oracle via the `in` operator.
Mitigation Recommendations
A fix is available in twig/twig version 3.27.0 that addresses this bypass by recursively checking Traversable inputs and properly enforcing sandbox policy on string coercion in the affected filters and operators. Users should upgrade to version 3.27.0 or later to remediate this vulnerability. No other mitigation is required as the fix fully addresses the issue.
Technical Details
- Gcve Source: db.gcve.eu
- Osv Id: GHSA-8x9c-rmqh-456c
- Osv Schema Version: 1.4.0
- Aliases: CVE-2026-48807
- Ecosystems: Packagist
- Database Specific Severity: MODERATE
- Cvss Version: null
Threat ID: 6a4452e027e9c797198e1086
Added to database: 06/30/2026, 23:36:00 UTC
Last enriched: 06/30/2026, 23:47:07 UTC
Last updated: 07/01/2026, 03:26:11 UTC