In Symfony prior to 2.7.51, 2.8.x prior to 2.8.50, 3.x prior to 3.4.26, 4.x prior to 4.1.12, and 4.2.x prior to 4.2.7, a vulnerability would allow an malicious user to authenticate as a privileged user on sites with user registration and remember me login functionality enabled. This is related to symfony/security.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sensiolabs symfony |
||
drupal drupal |