EPSS
Percentile
79.0%
symfony is vulnerable to authorization bypasses. A malicious user can pass a valid username and a null value as the password to gain unauthorized access to another user’s account.
null
github.com/symfony/symfony/pull/26589
symfony.com/blog/cve-2018-11407-unauthorized-access-on-a-misconfigured-ldap-server-when-using-an-empty-password