Symfony Double-URL-Encoded Path Security Bypass Vulnerability

Symfony is prone to a security-bypass vulnerability that may allow attackers to perform actions without proper authorization.

Attackers can exploit this issue to bypass certain security restrictions or perform unauthorized actions; this may aid in launching further attacks.

Symfony 2.0.0 through 2.0.19 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus