Open Redirect Vulnerability in Symfony Framework
CVE-2018-19790
6.1MEDIUM
What is CVE-2018-19790?
An open redirect vulnerability has been identified in the Symfony framework, allowing attackers to manipulate the '_failure_path' input field in login forms. By injecting backslashes, an attacker can bypass redirection restrictions, potentially redirecting users to malicious sites after successful login. This poses a significant security risk, making it essential for developers to update their Symfony versions to mitigate this vulnerability.