Security Advisories - PKSA-ks3q-z9y3-61pz - Packagist.org

PKSA-ks3q-z9y3-61pz Security Advisory

symfony/ux-live-component CSRF Protection Bypass: Accept Header is CORS-Safelisted

PKSA-ks3q-z9y3-61pz CVE-2026-49215

Affected package: symfony/ux-live-component

Affected version: >=2.22.0,<2.36.0|>=3.0.0,<3.1.0

Reported by:
FriendsOfPHP/security-advisories