CVE-2026-48761 | Symfony URL Attribute cross site scripting

Inserito da Angelo Barbosa | Giu 16, 2026 | CVE

A vulnerability marked as problematic has been reported in Symfony. Affected is an unknown function of the component URL Attribute Handler. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2026-48761. It is possible to initiate the attack remotely. There is no exploit available.

It is suggested to upgrade the affected component.

CVE-2026-48761 | Symfony URL Attribute cross site scripting

Post correlati

CVE-2023-7043 | ESET Endpoint Security unquoted search path

CVE-2023-43116 | Buildkite Elastic CI for AWS up to 5.22.4/6.7.0 PIPELINE_PATH symlink (ATREDIS-2023-0003)

CVE-2023-42504 | Apache Superset up to 2.x Concurrent Request allocation of resources

CVE-2025-27424 | Mozilla Firefox up to 135 on iOS HTTP scheme URL redirect