Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
sumocoders FrameworkUserBundle login.html.twig information exposure
Vulnerability Description
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in sumocoders FrameworkUserBundle up to 1.3.x. It has been rated as problematic. Affected by this issue is some unknown functionality of the file Resources/views/Security/login.html.twig. The manipulation leads to information exposure through error message. Upgrading to version 1.4.0 is able to address this issue. The name of the patch is abe4993390ba9bd7821ab12678270556645f94c8. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-217268. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
通过错误消息导致的信息暴露
Vulnerability Title
FrameworkUserBundle 安全漏洞
Vulnerability Description
FrameworkUserBundle是Sumo Coders开源的一个框架捆绑包。用于管理动态共享库及其相关资源。 FrameworkUserBundle 1.4.0之前版本存在安全漏洞,该漏洞源于文件 Resources/views/Security/login.html.twig 的一些未知功能,操纵导致通暴露信息。
CVSS Information
N/A
Vulnerability Type
N/A