Vulnerabilities > CVE-2023-46735 - Unspecified vulnerability in Sensiolabs Symfony

047910
CVSS 6.1 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
NONE
network
low complexity
sensiolabs
NVD
Published: 2023-11-10
Updated: 2024-11-21

Summary

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in version 6.0.0 and prior to version 6.3.8, the error message in `WebhookController` returns unescaped user-submitted input. As of version 6.3.8, `WebhookController` now doesn't return any user-submitted input in its response.

Vulnerable Configurations

Part Description Count
Application
Sensiolabs
53

References