diogo
/
symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
This repository has been archived on 2023-08-20. You can view files and clone it, but cannot push or open issues or pull requests.
symfony/src/Symfony/Bundle
History
Nicolas Grekas 783ef2fb1d security #cve-2019-10909 [FrameworkBundle][Form] Fix XSS issues in the form theme of the PHP templating engine - CVE-2019-10909 (stof) 
This PR was merged into the 2.7 branch.

Discussion
----------

[FrameworkBundle][Form] Fix XSS issues in the form theme of the PHP templating engine - CVE-2019-10909

https://www.intigriti.com/researcher/submission/CfDJ8Pja6NZvkpNCmx5vVyiGSn4K0Hgfyo6ynNDaSmw63JqRiMJ1Arv1xOxeLFRsv7xVI0MAspfOj8pKsT-ruB6Pfx5HvSOKt0UzPUqqpEWtGNo2kb3xuLP19uhpuMvrZOXnDA

![image](https://user-images.githubusercontent.com/211740/55671589-dc3d0700-5891-11e9-8420-2ab8961c69db.png)

Commits
-------

e645e2aa7e Fix XSS issues in the form theme of the PHP templating engine
 		2019-04-16 11:58:49 +02:00
..
DebugBundle fixed years in copyright 2018-01-03 08:23:28 +01:00
FrameworkBundle security #cve-2019-10909 [FrameworkBundle][Form] Fix XSS issues in the form theme of the PHP templating engine - CVE-2019-10909 (stof) 2019-04-16 11:58:49 +02:00
SecurityBundle fixed constraints 2018-05-25 08:35:17 +02:00
TwigBundle Use symfony/polyfill-ctype 2018-05-01 15:30:49 -07:00
WebProfilerBundle [Profiler] Remove propel & event_listener_loading category identifiers 2018-05-14 18:07:30 +02:00