Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:33984
HistoryFeb 03, 2022 - 7:21 a.m.

Cross-site Request Forgery (CSRF)

2022-02-0307:21:31
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
cross-site request forgery
frameworkextension.php
form_default_csrf.php
remote attacker
malicious code
vulnerability

EPSS

0.001

Percentile

41.8%

symfony/symfony is vulnerable to cross-site request forgery. The vulnerability exists in FrameworkExtension.php and form_default_csrf.php because the user inputs are not properly validate which allows a remote attacker to inject and execute malicious code into the system.