Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2019-10909
HistoryMay 16, 2019 - 10:29 p.m.

Input validation

2019-05-1622:29:00
PRIOn knowledge base
www.prio-n.com
8

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.7%

JSON

In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, validation messages are not escaped, which can lead to XSS when user input is included. This is related to symfony/framework-bundle.

Related

cve 1
osv 4
friendsofphp 4
ubuntucve 1
nvd 1
symfony 1
github 1
debiancve 1
cvelist 1
veracode 1
fedora 11
nessus 12
openvas 8
freebsd 1
drupal 1
thn 1
debian 3
ibm 1
cve
cve
CVE-2019-10909
2019-05-16 22:29:00
osv
osv
Symfony Cross-site Scripting (XSS) vulnerability
2019-11-12 23:00:53
CVE-2019-10909
2019-05-16 22:29:00
symfony - security update
2019-05-06 00:00:00
friendsofphp
friendsofphp
Drupal core - Moderately critical - Multiple Vulnerabilities - SA-CORE-2019-005
1970-01-01 00:00:00
CVE-2019-10909: Escape validation messages in the PHP templating engine
1970-01-01 00:00:00
CVE-2019-10909: Escape validation messages in the PHP templating engine
1970-01-01 00:00:00
ubuntucve
ubuntucve
CVE-2019-10909
2019-05-16 00:00:00
nvd
nvd
CVE-2019-10909
2019-05-16 22:29:00
symfony
symfony
CVE-2019-10909: Escape validation messages in the PHP templating engine
2019-04-17 00:00:00
github
github
Symfony Cross-site Scripting (XSS) vulnerability
2019-11-12 23:00:53
debiancve
debiancve
CVE-2019-10909
2019-05-16 22:29:00
cvelist
cvelist
CVE-2019-10909
2019-05-16 21:36:10
veracode
veracode
Cross-site Scripting (XSS)
2019-04-18 04:55:27
fedora
fedora
[SECURITY] Fedora 29 Update: php-symfony3-3.4.26-1.fc29
2019-04-27 23:12:02
[SECURITY] Fedora 30 Update: php-symfony3-3.4.26-1.fc30
2019-04-27 21:35:08
[SECURITY] Fedora 30 Update: php-symfony4-4.2.7-2.fc30
2019-04-27 21:35:09
nessus
nessus
Drupal 7.x < 7.66 / 8.5.x < 8.5.15 / 8.6.x < 8.6.15 Multiple Vulnerabilities (drupal-2019-04-17)
2019-04-19 00:00:00
FreeBSD : drupal -- Drupal core - Moderately critical (2bad8b5d-66fb-11e9-9815-78acc0a3b880)
2019-04-25 00:00:00
Debian DLA-1778-1 : symfony security update
2019-05-07 00:00:00
openvas
openvas
Drupal 8.x Multiple Vulnerabilities (SA-CORE-2019-005) - Linux
2019-04-24 00:00:00
Drupal 8.x Multiple Vulnerabilities (SA-CORE-2019-005) - Windows
2019-04-24 00:00:00
Debian: Security Advisory (DLA-1778-1)
2019-05-07 00:00:00
freebsd
freebsd
drupal -- Drupal core - Moderately critical
2019-04-17 00:00:00
drupal
drupal
Drupal core - Moderately critical - Multiple Vulnerabilities - SA-CORE-2019-005
2019-04-17 00:00:00
thn
thn
Drupal Releases Core CMS Updates to Patch Several Vulnerabilities
2019-04-17 21:51:00
debian
debian
[SECURITY] [DLA 1778-1] symfony security update
2019-05-06 19:15:39
[SECURITY] [DSA 4441-1] symfony security update
2019-05-10 06:26:19
[SECURITY] [DSA 4441-1] symfony security update
2019-05-10 06:26:19
ibm
ibm
Security Bulletin: IBM API Connect's Developer Portal is impacted by vulnerabilities in Drupal core (CVE-2019-10909 CVE-2019-10910 CVE-2019-10911 CVE-2019-11358)
2019-05-31 13:40:01

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.7%

JSON
Related for PRION:CVE-2019-10909
cve1osv4friendsofphp4ubuntucve1nvd1symfony1github1debiancve1cvelist1veracode1fedora11nessus12openvas8freebsd1drupal1thn1debian3ibm1