Join Sean Mackay at SymfonyDay Montreal as he breaks down the key Symfony features (Doctrine, Messenger, Events) that transformed Pimcore into a robust, update-friendly platform
May 27, 2026
#Conferences
HtmlSanitizer URL Parser Deny Gates Underinclusive: Percent-Encoded BiDi Marks and Unicode Whitespace Bypass Visual-Spoofing Defense
May 27, 2026
#Security Advisories
#Symfony
HtmlSanitizer UrlAttributeSanitizer Misses URL Attributes on object, applet, iframe, img and the URL Inside meta http-equiv="refresh" content
May 27, 2026
#Security Advisories
#Symfony
Mailomat Mailer Webhook Parser Reads the HMAC Algorithm from the Request: Signature Algorithm Downgrade
May 27, 2026
#Security Advisories
#Symfony
UrlGenerator Dot-Segment Encoding Skips Every Other Chained ../ or ./: Generated URL Collapses Off-Route Under RFC 3986 Normalization
May 27, 2026
#Security Advisories
#Symfony
❤️ 1
IpUtils::PRIVATE_SUBNETS Omits IPv6 Transition Forms (6to4, NAT64, Teredo, IPv4-compatible): SSRF Bypass in NoPrivateNetworkHttpClient
May 27, 2026
#Security Advisories
#Symfony
Security Firewall Bypass via failure_forward Subrequest: Unauthenticated Access to access_control-Protected GET Routes
May 27, 2026
#Security Advisories
#Symfony