5 matches found
Exploit for Code Injection in Symfony Twig
Successful Errors: New Code Injection and SSTI Techniques !R...
Cross-site Scripting (XSS)
Overview symfony/ux-twig-component is a Twig components for Symfony Affected versions of this package are vulnerable to Cross-site Scripting XSS via the ComponentAttributes class. An attacker can manipulate HTML attribute outputs and potentially execute scripts in the context of the affected web...
Possible sandbox bypass
More info at https://symfony.com/blog/twig-security-release-possible-sandbox-bypass...
Exploit for Code Injection in Symfony Twig
CVE-2022-23614 PoC for CVE-2022-23614https://vulners.com/cv...
Sandbox Information Disclosure
More info at https://symfony.com/blog/twig-sandbox-information-disclosure...