CVE-2020-13756: Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data ...

Severity: Critical

CVSS Score: 9.8

Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors() or getSelectorsBySpecificity() is called with input from an attacker.