Symfony Twig-Bridge vulnerabilities

1 known vulnerability affecting symfony/twig-bridge.

Total CVEs
1
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2023-46734MEDIUM≥ 2.0.0, < 4.4.51≥ 5.0.0, < 5.4.31+1 more2023-11-12
CVE-2023-46734 [MEDIUM] CWE-79 Symfony potential Cross-site Scripting vulnerabilities in CodeExtension filters Symfony potential Cross-site Scripting vulnerabilities in CodeExtension filters ### Description Some Twig filters in CodeExtension use "is_safe=html" but don't actually ensure their input is safe. ### Resolution Symfony now escapes the output of the affected filters. The patch for this issue is available [here](https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c
ghsaosv