symfony/symfony is vulnerable to cross-site request forgery. The vulnerability exists in FrameworkExtension.php
and form_default_csrf.php
because the user inputs are not properly validate which allows a remote attacker to inject and execute malicious code into the system.