Lucene search
K

5 matches found

Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.9 views

PT-2026-44546

Name of the Vulnerable Software and Affected Versions Symfony Webhook Bridges versions prior to 6.4 Symfony Webhook Bridges versions prior to 7.4 Description The Mailjet mailer bridge and the LOX24 SMS notifier bridge contain webhook request parsers that fail to authenticate event callbacks. The...

8.7CVSS5.8AI score0.00103EPSS
Exploits0References10
Snyk
Snyk
added 2026/05/20 3:35 p.m.9 views

Missing Authentication for Critical Function

Overview symfony/lox24-notifier is a Symfony LOX24 Notifier Bridge Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the doParse webhook request parsers in the Mailjet maile bridge and LOX24 SMS notifier bridge. An attacker can submit forged...

6.9CVSS5.8AI score0.00103EPSS
Exploits0References2
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.5 views

CVE-2026-45754: Mailjet Mailer and LOX24 Notifier Webhook Parsers Never Verify the Configured Secret: Unauthenticated Webhook Event Injection

More info at https://symfony.com/cve-2026-45754...

5.8AI score0.00103EPSS
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.4 views

CVE-2026-45754: Mailjet Mailer and LOX24 Notifier Webhook Parsers Never Verify the Configured Secret: Unauthenticated Webhook Event Injection

More info at https://symfony.com/cve-2026-45754...

5.8AI score0.00103EPSS
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.8 views

CVE-2026-45754: Mailjet Mailer and LOX24 Notifier Webhook Parsers Never Verify the Configured Secret: Unauthenticated Webhook Event Injection

More info at https://symfony.com/cve-2026-45754...

5.8AI score0.00103EPSS
Exploits0Affected Software1
Rows per page
Query Builder