Ryan Weaver

1 exploit Active since Sep 2023
CVE-2023-41336 WRITEUP MEDIUM WRITEUP
Symfony ux-autocomplete <2.11.2 - Info Disclosure
ux-autocomplete is a JavaScript Autocomplete functionality for Symfony. Under certain circumstances, an attacker could successfully submit an entity id for an `EntityType` that is *not* part of the valid choices. The problem has been fixed in `symfony/ux-autocomplete` version 2.11.2.
CVSS 6.5