Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:35 a.m.7 views

CVE-2023-41336

ux-autocomplete is a JavaScript Autocomplete functionality for Symfony. Under certain circumstances, an attacker could successfully submit an entity id for an EntityType that is not part of the valid choices. The problem has been fixed in symfony/ux-autocomplete version 2.11.2...

6.5CVSS6.7AI score0.00523EPSS
Exploits0
NVD
NVD
added 2023/09/11 8:15 p.m.47 views

CVE-2023-41336

ux-autocomplete is a JavaScript Autocomplete functionality for Symfony. Under certain circumstances, an attacker could successfully submit an entity id for an EntityType that is not part of the valid choices. The problem has been fixed in symfony/ux-autocomplete version 2.11.2...

6.5CVSS6.4AI score0.00523EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/09/11 7:21 p.m.50 views

CVE-2023-41336 Prevent injection of invalid entity ids for "autocomplete" fields in symfony ux-autocomplete

ux-autocomplete is a JavaScript Autocomplete functionality for Symfony. Under certain circumstances, an attacker could successfully submit an entity id for an EntityType that is not part of the valid choices. The problem has been fixed in symfony/ux-autocomplete version 2.11.2...

6.5CVSS6.6AI score0.00523EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/09/11 7:21 p.m.16 views

CVE-2023-41336 Prevent injection of invalid entity ids for "autocomplete" fields in symfony ux-autocomplete

ux-autocomplete is a JavaScript Autocomplete functionality for Symfony. Under certain circumstances, an attacker could successfully submit an entity id for an EntityType that is not part of the valid choices. The problem has been fixed in symfony/ux-autocomplete version 2.11.2...

6.5CVSS6.6AI score0.00523EPSS
Exploits0References4
CVE
CVE
added 2023/09/11 7:21 p.m.73 views

CVE-2023-41336

CVE-2023-41336 affects Symfony UX Autocomplete (ux-autocomplete). Under certain circumstances, an attacker could submit an entity ID for an EntityType that is not among valid choices. The issue has been fixed in version 2.11.2 of symfony/ux-autocomplete. Public sources (Red Hat, NVD, OSV, CVE lis...

6.5CVSS6.3AI score0.00523EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/09/11 7:21 p.m.25 views

CVE-2023-41336 Prevent injection of invalid entity ids for "autocomplete" fields in symfony ux-autocomplete

ux-autocomplete is a JavaScript Autocomplete functionality for Symfony. Under certain circumstances, an attacker could successfully submit an entity id for an EntityType that is not part of the valid choices. The problem has been fixed in symfony/ux-autocomplete version 2.11.2...

6.5CVSS6.4AI score0.00523EPSS
Exploits0References6
Rows per page
Query Builder