Vulnerabilities

CVE-2012-6431

by Fred · 27/12/2012

Symfony 2.0.x before 2.0.20 does not process URL encoded data consistently within the Routing and Security components, which allows remote attackers to bypass intended URI restrictions via a doubly encoded string.

Date published : 2012-12-27

http://symfony.com/blog/security-release-symfony-2-0-20-and-2-1-5-released

Similar

Tags: Cybersecurity Alert