GoogleOSV:GHSA-Q847-2Q57-WMR3Symfony potential Cross-site Scripting vulnerabilities in CodeExtension filters
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
7 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
20.5%
Description
Some Twig filters in CodeExtension use “is_safe=html” but don’t actually ensure their input is safe.
Resolution
Symfony now escapes the output of the affected filters.
The patch for this issue is available here for branch 4.4.
Credits
We would like to thank Pierre Rudloff for reporting the issue and to Nicolas Grekas for providing the fix.
References
github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2023-46734.yaml
github.com/symfony/symfony
github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54
github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c
github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3
lists.debian.org/debian-lts-announce/2023/11/msg00019.html
nvd.nist.gov/vuln/detail/CVE-2023-46734
symfony.com/cve-2023-46734
Related
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
7 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
20.5%