Syliusresourcebundle Security Vulnerabilities and Issues — Syliusresourcebundle CVE List

Lucene search

SyliusSyliusresourcebundle

2 matches found

CVE•added 2020/08/20 1:17 a.m.•73 views

CVE-2020-15146

In SyliusResourceBundle before versions 1.3.14, 1.4.7, 1.5.2 and 1.6.4, request parameters injected inside an expression evaluated by symfony/expression-language package haven't been sanitized properly. This allows the attacker to access any public service by manipulating that request parameter, al...

9.6CVSS8.9AI score0.01092EPSS

CVE•added 2020/08/20 1:17 a.m.•70 views

CVE-2020-15143

In SyliusResourceBundle before versions 1.3.14, 1.4.7, 1.5.2 and 1.6.4, rrequest parameters injected inside an expression evaluated by symfony/expression-language package haven't been sanitized properly. This allows the attacker to access any public service by manipulating that request parameter, a...

8.8CVSS8.4AI score0.01092EPSS