2 matches found
CVE-2020-25912
A XML External Entity XXE vulnerability was discovered in symphony\lib\toolkit\class.xmlelement.php in Symphony 2.7.10 which can lead to an information disclosure or denial of service DOS...
CVE-2020-25912
CVE-2020-25912 describes an XXE vulnerability in Symphony 2.7.10 affecting symphony/lib/toolkit/class.xmlelement.php. The root cause is lack of disabling external entities in convertFromXMLString, enabling information disclosure or denial of service. Multiple connected sources (Veracode, CNVD, RH...