CVSS3: 6.5 Medium
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS2: 4 Medium
Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N

EPSS: 0.001 Low
Percentile: 24.1%

An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13,
3.4-BETA5, and 4.0-BETA5. When a form is submitted by the user, the request
handler classes of the Form component merge POST data and uploaded files
data into one array. This big array forms the data that are then bound to
the form. At this stage there is no difference anymore between submitted
POST data and uploaded files. A user can send a crafted HTTP request where
the value of a “FileType” is sent as normal POST data that could be
interpreted as a local file path on the server-side (for example,
“file:///etc/passwd”). If the application did not perform any additional
checks about the value submitted to the “FileType”, the contents of the
given file on the server could have been exposed to the attacker.
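
An added example, not Symfony's code: a minimal PHP model of the merge described above, next to a binding step that accepts only upload objects for declared file fields. `UploadStub`, `mergeRequestData`, `bindForm` and the `document` field are hypothetical names, and both requests are constructed.

```php
<?php
declare(strict_types=1);

// Hypothetical stand-in for an upload object; not Symfony's UploadedFile class.
final class UploadStub
{
    public function __construct(public string $tmpPath, public string $clientName) {}
}

// Merge step as described above: afterwards a value's origin (POST vs. upload) is lost.
function mergeRequestData(array $post, array $files): array
{
    return array_replace_recursive($post, $files);
}

// Bind merged data. In strict mode a declared file field accepts only upload
// objects; anything else is rejected instead of being handed to the application.
function bindForm(array $fileFields, array $merged, bool $strict): array
{
    $bound = [];
    $errors = [];
    foreach ($merged as $name => $value) {
        $isFileField = in_array($name, $fileFields, true);
        if ($strict && $isFileField && !($value instanceof UploadStub)) {
            $errors[$name] = 'file field received non-upload data';
            $bound[$name] = null;
            continue;
        }
        $bound[$name] = $value;
    }
    return ['data' => $bound, 'errors' => $errors];
}

// Constructed requests: one real upload, one with the file field sent as POST text.
$requests = [
    'upload'  => [['title' => 'cv'], ['document' => new UploadStub('/tmp/phpA1b2C3', 'cv.pdf')]],
    'crafted' => [['title' => 'cv', 'document' => 'file:///etc/passwd'], []],
];

foreach ($requests as $label => [$post, $files]) {
    $merged = mergeRequestData($post, $files);
    foreach ([false, true] as $strict) {
        $result = bindForm(['document'], $merged, $strict);
        $value  = $result['data']['document'];
        printf("%-7s strict=%-5s document=%s errors=%d\n", $label, var_export($strict, true),
            is_object($value) ? 'upload:' . $value->clientName : var_export($value, true),
            count($result['errors']));
    }
}
```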