5 matches found
Oracle WebLogic Server Unauthorized Access (April 2026 CPU)
The 12.2.1.4.0 version of WebLogic Server installed on the remote host is affected by a vulnerability as referenced in the April 2026 CPU advisory. - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Centralized Thirdparty Jars Validator. The supported...
The vulnerability of the validator component in the Symfony software development and web application management platform allows a hacker to access confidential data.
The vulnerability of the validator component in the Symfony software development and management platform is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain access to confidential data...
Cross-Site Scripting (XSS)
typo3/cms is vulnerable to Cross-Site Scripting XSS. The vulnerability is caused due to a lack of sanitization of content from editors. This allows attackers with valid editor accounts to inject malicious scripts into content scanned by the link validator component...
GHSA-Q8J7-FJH7-25V5 Symfony collectionCascaded and collectionCascadedDeeply fields security bypass
When using the Validator component, if Symfony\Component\Validator\Mapping\Cache\ApcCache is enabled or any other cache implementing Symfony\Component\Validator\Mapping\Cache\CacheInterface, some information is lost during serialization the collectionCascaded and the...
Security releases: Symfony 2.0.24, 2.1.12, 2.2.5, and 2.3.3 released
Log in to add a reaction to this post add a reaction β€οΈ π π Symfony 2.0.24, 2.1.12, 2.2.5, and 2.3.3 have just been released and they contain security fixes for the Validator component CVE-2013-4751 and the HttpFoundation component CVE-2013-4752. Even if Symfony 2.0 and 2.1 are out of maintenance,...