A XML External Entity (XXE) vulnerability was discovered in symphonylibtoolkitclass.xmlelement.php in Symphony 2.7.10 which can lead to an information disclosure or denial of service (DOS).
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25912
Reference (s):
- http://symphony.com
- https://github.com/symphonycms/symphonycms/issues/2924