Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when a SourcePolicyInterface is used: attackers with template rendering capabilities can pass arbitrary PHP callables to the sort, filter, map, and reduce filters. Because the runtime check fails to use the current template source, an attacker can bypass the sandbox restrictions and execute arbitrary code whenever the sandbox is enabled through a source policy rather than globally.
Casky was already ahead
This CVE exploits attack patterns that Casky's 0 matched skills already investigate — long before this vulnerability was disclosed. Claude's reasoning model maps these techniques to MITRE ATT&CK, so practitioners who ran these skills have already seen the threat behaviour in their findings.
Twig, a popular PHP templating engine, contains a critical sandbox bypass vulnerability affecting versions 2.16.x and 3.9.0 through 3.25.x. When a SourcePolicyInterface is configured to enforce sandbox restrictions, attackers who can control template rendering can inject arbitrary PHP callables through sort, filter, map, and reduce filters to execute unauthorized code. The vulnerability stems from a runtime check that fails to properly validate the current template source, allowing the sandbox policy to be circumvented. This is particularly dangerous for platforms that allow user-supplied templates or plugin systems, as it transforms a template injection from a restricted operation into full code execution. Any application using Twig with source-level sandbox policies is affected, including content management systems, templating platforms, and applications with plugin architectures.
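As an added illustration (not code from this page or from the Twig project), the two ways of wiring Twig's SandboxExtension that the advisory distinguishes: per-source enabling through a SourcePolicyInterface, which is the affected shape, and global enabling, combined with an allow list that simply omits the four filters named above. It assumes PHP 8, twig/twig 3.9 or later installed through Composer (where SandboxExtension takes the source policy as its third constructor argument), and a constructed "user/" naming convention and template.

```php
<?php
// Added example, not from the Casky page or the Twig project. Assumes PHP 8,
// twig/twig installed with Composer, and a constructed "user/" naming convention.
require __DIR__ . '/vendor/autoload.php';
use Twig\Environment;
use Twig\Extension\SandboxExtension;
use Twig\Loader\ArrayLoader;
use Twig\Sandbox\SecurityError;
use Twig\Sandbox\SecurityPolicy;
use Twig\Sandbox\SourcePolicyInterface;
use Twig\Source;

// Allow list for untrusted templates. The four filters the advisory names
// (sort, filter, map, reduce) are deliberately absent, which removes the affected
// callable-passing path regardless of how the sandbox is switched on.
$policy = new SecurityPolicy(
    ['if', 'for'],                  // allowed tags
    ['escape', 'upper', 'length'],  // allowed filters
    [],                             // allowed methods
    [],                             // allowed properties
    []                              // allowed functions
);

// Affected shape (Twig >= 3.9): the sandbox is enabled per template by a
// SourcePolicyInterface instead of globally. Per the advisory, the runtime
// check in this mode did not consult the current template source.
final class SandboxUserTemplates implements SourcePolicyInterface
{
    public function enableSandbox(Source $source): bool
    {
        return str_starts_with($source->getName(), 'user/'); // constructed convention
    }
}
$affected = new SandboxExtension($policy, false, new SandboxUserTemplates());

// Conservative shape: sandbox every template this Environment renders, so there
// is no per-source decision for the faulty check to get wrong.
$hardened = new SandboxExtension($policy, true);

// Constructed untrusted template using one of the named filters (ordinary usage).
$loader = new ArrayLoader(['user/profile.twig' => '{{ items|map(x => x * 2)|join(",") }}']);
$twig = new Environment($loader);
$twig->addExtension($hardened);

try {
    echo $twig->render('user/profile.twig', ['items' => [1, 2, 3]]);
} catch (SecurityError $e) {
    // Expected here: neither "map" nor "join" is in the allow list, so rendering is refused.
    echo get_class($e), ': ', $e->getMessage(), PHP_EOL;
}
```

Swapping `$hardened` for `$affected` in `addExtension` gives the per-source configuration the advisory describes; on an affected release, upgrading is the fix, and the trimmed allow list is a stopgap that works in either mode.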
Detecting exploitation of this vulnerability requires monitoring template processing behavior and callable execution patterns. Practitioners using Casky's extended reasoning capabilities would identify suspicious indicators such as attempts to pass PHP callables to filtering operations, unexpected function references in template contexts, and runtime sandbox policy violations. Security teams should establish detection rules focused on Template Injection (MITRE ATT&CK T1027 - Obfuscated Files or Information) combined with Code Execution patterns, monitoring for anomalous filter usage with callable parameters and mismatches between declared sandbox policies and actual execution scope. Casky's skill mapping would highlight the gap between policy-enforced restrictions and actual template runtime behavior, allowing practitioners to correlate template rendering events with privilege escalation or code execution indicators that suggest sandbox bypass attempts.
© 2026 Casky.AI, Inc. · AI Security Investigation