« Security Advisories » blog posts
CVE-2023-46735: Potential XSS in WebhookController
CVE-2023-46733: Possible session fixation
CVE-2023-46734: Potential XSS vulnerabilities in CodeExtension filters
CVE-2023-41336: symfony/ux-autocomplete Prevent injection of invalid entity ids for "autocomplete" fields
Security bug release for symfony/ux-autocomplete CVE-2023-41336
CVE-2022-24894: Prevent storing cookie headers in HttpCache
CVE-2022-24895: CSRF token fixation
CVE-2022-23601: CSRF token missing in forms
CVE-2022-23601 fixes CSRF token missing in forms.
CVE-2021-41268: Remember me cookie persistence after password changes
CVE-2021-41267: Webcache Poisoning via X-Forwarded-Prefix and sub-request
CVE-2021-41270: Prevent CSV Injection via formulas