CVE-2023-29712

Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via a crafted payload to the X-Rewrite-URL parameter...

The vulnerability of the HttpFoundation component in the Symfony framework, related to errors in handling HTTP headers, allows attackers to compromise the integrity of protected data.

The vulnerability of the HttpFoundation component in the Symfony framework is related to the support for the IIS header, which allows users to override the URL path through the X-Original-URL or X-Rewrite-URL headers. Exploiting this vulnerability enables an attacker to compromise the integrity o...

Sensio Labs Symfony Security Bypass Vulnerability (CNVD-2018-21473)

Sensio Labs Symfony is a free French Sensio Labs , based on the MVC architecture of the PHP development framework . The framework provides commonly used functional components and tools , can be used to quickly create complex WEB program . A security bypass vulnerability exists in Http Foundation ...

DEBIAN-CVE-2018-14773

An issue was discovered in Http Foundation in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. It arises from support for a legacy IIS header that lets users override the path in the request URL via the...