2 matches found
CVE-2026-45064 Symfony: HtmlSanitizer URL Attributes Pass Through BiDi Override Characters → Visual href Spoofing
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 6.1.0-BETA1 until 6.4.40, 7.4.12, and 8.0.12, UrlSanitizer::parse passes Unicode explicit-direction BiDi formatting characters through into sanitized href and src attributes, allowing sanitized...
JetBrains IntelliJ IDEA has an unspecified vulnerability (CNVD-2022-55673)
JetBrains IntelliJ IDEA is a suite of integrated development environments for the Java language from Czech company Jetbrains. security vulnerability exists in versions of JetBrains IntelliJ IDEA prior to 2022.1, which stems from an insufficient notification mechanism for using Unicode...