Security Advisories - PKSA-ks3q-z9y3-61pz - Packagist.org

PKSA-ks3q-z9y3-61pz Security Advisory

[LOW] symfony/ux-live-component CSRF Protection Bypass: Accept Header is CORS-Safelisted

PKSA-ks3q-z9y3-61pz CVE-2026-49215 GHSA-4m4j-hmqq-3gxm

Affected package: symfony/ux-live-component

Affected version: >=2.22.0,<2.36.0|>=3.0.0,<3.1.0

Reported by:
GitHub, FriendsOfPHP/security-advisories