Zurück zur CVE-Übersicht
CVE-2026-45074
NONERisk Signal Score10/100 — NIEDRIG
- Weniger als 24 Stunden alt
Beschreibung
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 7.1.0 until 7.4.12 and 8.0.12, Cas2Handler builds the CAS service parameter from Request::getSchemeAndHttpHost(), which reflects an attacker-controlled Host header when framework.trusted_hosts is not configured; an attacker controlling another application registered with the same CAS server can replay a victim ticket against the Symfony application and authenticate as the victim. This issue is fixed in versions 7.4.12 and 8.0.12.
GitHub Advisories
GHSA-j8gj-9rm5-4xhxMEDIUM
Symfony's Cas2Handler Derives CAS service URL from Client Host Header → Cross-Service Ticket Replay
composer/symfony/security-http→ 7.4.12
GitHub Advisory