CVE-2018-11408

2018-06-13T16:29:00
ID CVE-2018-11408
Type cve
Reporter cve@mitre.org
Modified 2019-03-13T17:53:00

Description

The security handlers in the Security component in Symfony in 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11 have an Open redirect vulnerability when security.http_utils is inlined by a container. NOTE: this issue exists because of an incomplete fix for CVE-2017-16652.