Packagist (Composer) package
damienharper/auditor-bundle
pkg:composer/damienharper/auditor-bundle
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-45592 | — | < 5.2.6 | 5.2.6 | Sep 10, 2024 | auditor-bundle, formerly known as DoctrineAuditBundle, integrates auditor library into any Symfony 3.4+ application. Prior to version 5.2.6, there is an unescaped entity property enabling Javascript injection. This is possible because `%source_label%` in twig macro is not escaped |
- CVE-2024-45592Sep 10, 2024affected < 5.2.6fixed 5.2.6
auditor-bundle, formerly known as DoctrineAuditBundle, integrates auditor library into any Symfony 3.4+ application. Prior to version 5.2.6, there is an unescaped entity property enabling Javascript injection. This is possible because `%source_label%` in twig macro is not escaped