Multiple Vulnerabilities Discovered in Symfony

📌 Multiple vulnerabilities were discovered in Symfony on 20 May 2026, as reported by the French government’s CERT (CERT-FR). The flaws enable attackers to execute remote denial-of-service (DoS) attacks, cross-site scripting (XSS) via indirect code injection, and cross-site request forgery (CSRF) through illegitimate request rebounding. No specific CVE identifiers, affected versions, or technical exploitation details were provided in the notice. The impacts include service disruption, unauthorized code execution in user browsers, and potential session hijacking. The advisory was published under reference CERTFR-2026-AVI-0617.