Composer/Damienharper/Auditor-Bundle | GitLab Advisory Database

auditor-bundle vulnerable to Cross-site Scripting because name of entity does not get escaped

Unescaped entity property enables Javascript injection.