Lucene search
PRIOn knowledge basePRION:CVE-2018-12040HistoryJun 13, 2018 - 10:29 p.m.
Cross site scripting
2018-06-1322:29:00
PRIOn knowledge base
www.prio-n.com
6
0.002 Low
EPSS
Percentile
55.3%
DISPUTED Reflected Cross-site scripting (XSS) vulnerability in the web profiler in SensioLabs Symfony 3.3.6 allows remote attackers to inject arbitrary web script or HTML via the “file” parameter, aka an _profiler/open?file= URI. NOTE: The vendor states “The XSS … is in the web profiler, a tool that should never be deployed in production (so, we don’t handle those issues as security issues).”
Related
nvd
nvd
CVE-2018-12040
2018-06-13 22:29:00
CVE-2019-20058
2019-12-29 19:15:11
cve
cve
CVE-2018-12040
2018-06-13 22:29:00
CVE-2019-20058
2019-12-29 19:15:11
cvelist
cvelist
CVE-2018-12040
2018-06-13 22:00:00
CVE-2019-20058
2019-12-29 18:50:50
packetstorm
packetstorm
SensioLabs Symfony 3.3.6 Cross Site Scripting
2018-06-09 00:00:00
ubuntucve
ubuntucve
CVE-2018-12040
2018-06-13 00:00:00
debiancve
debiancve
CVE-2018-12040
2018-06-13 22:29:00
prion
prion
Design/Logic Flaw
2019-12-29 19:15:00