CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46735 – Symfony potential Cross-site Scripting in WebhookController
https://notcve.org/view.php?id=CVE-2023-46735
10 Nov 2023 — Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in version 6.0.0 and prior to version 6.3.8, the error message in `WebhookController` returns unescaped user-submitted input. As of version 6.3.8, `WebhookController` now doesn't return any user-submitted input in its response. Symfony es un framework PHP para aplicaciones web y de consola y un conjunto de componentes PHP reutilizables. A partir de la versión 6.0.0 y anteriores a la versión 6.3.8, el m... • https://github.com/symfony/symfony/commit/8128c302430394f639e818a7103b3f6815d8d962 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 6EXPL: 0CVE-2023-46734 – Symfony potential Cross-site Scripting vulnerabilities in CodeExtension filters
https://notcve.org/view.php?id=CVE-2023-46734
10 Nov 2023 — Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 2.0.0, 5.0.0, and 6.0.0 and prior to versions 4.4.51, 5.4.31, and 6.3.8, some Twig filters in CodeExtension use `is_safe=html` but don't actually ensure their input is safe. As of versions 4.4.51, 5.4.31, and 6.3.8, Symfony now escapes the output of the affected filters. Symfony es un framework PHP para aplicaciones web y de consola y un conjunto de componentes PHP reutilizables. A partir d... • https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-46733 – Symfony possible session fixation vulnerability
https://notcve.org/view.php?id=CVE-2023-46733
10 Nov 2023 — Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 5.4.21 and 6.2.7 and prior to versions 5.4.31 and 6.3.8, `SessionStrategyListener` does not migrate the session after every successful login. It does so only in case the logged in user changes by means of checking the user identifier. In some use cases, the user identifier doesn't change between the verification phase and the successful login, while the token itself changes from one type (p... • https://github.com/symfony/symfony/commit/7467bd7e3f888b333102bc664b5e02ef1e7f88b9 • CWE-384: Session Fixation •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2022-24894 – Symfony storing cookie headers in HttpCache
https://notcve.org/view.php?id=CVE-2022-24894
03 Feb 2023 — Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony HTTP cache system, acts as a reverse proxy: It caches entire responses (including headers) and returns them to the clients. In a recent change in the `AbstractSessionListener`, the response might contain a `Set-Cookie` header. If the Symfony HTTP cache system is enabled, this response might bill stored and return to the next clients. An attacker can use this vulnerability to retrieve the victim's se... • https://github.com/symfony/symfony/commit/d2f6322af9444ac5cd1ef3ac6f280dbef7f9d1fb • CWE-285: Improper Authorization •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2022-24895 – Symfony vulnerable to Session Fixation of CSRF tokens
https://notcve.org/view.php?id=CVE-2022-24895
03 Feb 2023 — Symfony is a PHP framework for web and console applications and a set of reusable PHP components. When authenticating users Symfony by default regenerates the session ID upon login, but preserves the rest of session attributes. Because this does not clear CSRF tokens upon login, this might enables same-site attackers to bypass the CSRF protection mechanism by performing an attack similar to a session-fixation. This issue has been fixed in the 4.4 branch. Soner Sayakci discovered that Symfony incorrectly han... • https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-bundle/CVE-2022-24895.yaml • CWE-384: Session Fixation CWE-613: Insufficient Session Expiration •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-23601 – CSRF token missing in Symfony
https://notcve.org/view.php?id=CVE-2022-23601
01 Feb 2022 — Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony form component provides a CSRF protection mechanism by using a random token injected in the form and using the session to store and control the token submitted by the user. When using the FrameworkBundle, this protection can be enabled or disabled with the configuration. If the configuration is not specified, by default, the mechanism is enabled as long as the session is enabled. In a recent change ... • https://github.com/symfony/symfony/commit/f0ffb775febdf07e57117aabadac96fa37857f50 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-41270 – CSV Injection in Symfony
https://notcve.org/view.php?id=CVE-2021-41270
24 Nov 2021 — Symfony/Serializer handles serializing and deserializing data structures for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Symfony versions 4.1.0 before 4.4.35 and versions 5.0.0 before 5.3.12 are vulnerable to CSV injection, also known as formula injection. In Symfony 4.1, maintainers added the opt-in `csv_escape_formulas` option in the `CsvEncoder`, to prefix all cells starting with `=`, `+`, `-` or `@` with a tab `\t`. Since then, OWASP added 2 chars in t... • https://github.com/symfony/symfony/commit/3da6f2d45e7536ccb2a26f52fbaf340917e208a8 • CWE-1236: Improper Neutralization of Formula Elements in a CSV File •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-41267 – Webcache Poisoning in Symfony
https://notcve.org/view.php?id=CVE-2021-41267
24 Nov 2021 — Symfony/Http-Kernel is the HTTP kernel component for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Headers that are not part of the "trusted_headers" allowed list are ignored and protect users from "Cache poisoning" attacks. In Symfony 5.2, maintainers added support for the `X-Forwarded-Prefix` headers, but this header was accessible in SubRequest, even if it was not part of the "trusted_headers" allowed list. An attacker could leverage this opportunity to f... • https://github.com/symfony/symfony/commit/95dcf51682029e89450aee86267e3d553aa7c487 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-41268 – Cookie persistence in Symfony
https://notcve.org/view.php?id=CVE-2021-41268
24 Nov 2021 — Symfony/SecurityBundle is the security system for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Since the rework of the Remember me cookie in version 5.3.0, the cookie is not invalidated when the user changes their password. Attackers can therefore maintain their access to the account even if the password is changed as long as they have had the chance to login once and get a valid remember me cookie. Starting with version 5.3.12, Symfony makes the password p... • https://github.com/symfony/symfony/commit/36a808b857cd3240244f4b224452fb1e70dc6dfc • CWE-384: Session Fixation •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-32693 – Authentication granted with multiple firewalls
https://notcve.org/view.php?id=CVE-2021-32693
17 Jun 2021 — Symfony is a PHP framework for web and console applications and a set of reusable PHP components. A vulnerability related to firewall authentication is in Symfony starting with version 5.3.0 and prior to 5.3.2. When an application defines multiple firewalls, the token authenticated by one of the firewalls was available for all other firewalls. This could be abused when the application defines different providers for each part of the application, in such a situation, a user authenticated on a part of the app... • https://github.com/symfony/security-http/commit/6bf4c31219773a558b019ee12e54572174ff8129 • CWE-287: Improper Authentication •