CVE-2026-47730
A flaw was found in Twig, a template language for PHP. The HtmlDumper component, responsible for rendering profiler information, does not properly sanitize user-controlled template or profile names before including them in the HTML output. This vulnerability allows an attacker to inject malicious...