Sensiolabs » Symfony : Security Vulnerabilities, CVEs, Published In 2017
Symfony before 2.8.6 and 3.x before 3.0.6 allows remote attackers to bypass authentication by logging in with an empty password and valid username, which triggers an unauthenticated bind.
Max CVSS
9.8
EPSS Score
0.58%
Published
2017-02-07
Updated
2018-08-06
1 vulnerabilities found