Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/21 8:23 p.m.9 views

CVE-2025-47946

Symfony UX is an initiative and set of libraries to integrate JavaScript tools into applications. Prior to version 2.25.1, rendering attributes or using any method that returns a ComponentAttributes instance e.g. only, defaults, without ouputs attribute values directly without escaping. If these...

6.1CVSS6.1AI score0.00212EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/05/19 7:25 p.m.12 views

CVE-2025-47946 symfony/ux-live-component and symfony/ux-twig-component vulnerable to unsanitized HTML attribute injection via ComponentAttributes

Symfony UX is an initiative and set of libraries to integrate JavaScript tools into applications. Prior to version 2.25.1, rendering attributes or using any method that returns a ComponentAttributes instance e.g. only, defaults, without ouputs attribute values directly without escaping. If these...

6.1CVSS6.2AI score0.00212EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/19 7:25 p.m.27 views

CVE-2025-47946 symfony/ux-live-component and symfony/ux-twig-component vulnerable to unsanitized HTML attribute injection via ComponentAttributes

Symfony UX is an initiative and set of libraries to integrate JavaScript tools into applications. Prior to version 2.25.1, rendering attributes or using any method that returns a ComponentAttributes instance e.g. only, defaults, without ouputs attribute values directly without escaping. If these...

6.1CVSS0.00212EPSS
Exploits0References2
CVE
CVE
added 2025/05/19 7:25 p.m.60 views

CVE-2025-47946

Summary: CVE-2025-47946 affects Symfony UX components. Prior to 2.25.1, rendering {{ attributes }} or using methods returning a ComponentAttributes instance can output unescaped attribute values, risking HTML attribute injection and XSS. The vulnerability affects the Symfony UX Twig component and...

6.1CVSS6.2AI score0.00212EPSS
Exploits0References2
Circl
Circl
added 2025/05/19 12:4 p.m.35 views

CVE-2025-47946

creationtimestamp| type| source ---|---|--- 2025-05-19 12:04:13+00:00| seen| https://bsky.app/profile/symfony.com/post/3lpjjr442kx2g 2025-05-19 19:39:06+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/16915 2025-05-19 21:13:12+00:00| seen|...

6.1CVSS4.8AI score0.00212EPSS
Exploits0References3
Rows per page
Query Builder