Control: tags -1 + confirmed On Wed, 2023-11-15 at 13:53 +0100, David Prévot wrote: > I’d like to fix the following two security issues in the next point > release, as advised by the security team (they do not intend to issue > a > DSA for that). > > [TwigBridge] Ensure CodeExtension's filters properly escape their > input > [CVE-2023-46734] (Closes: #1055774) > [Security] Fix possible session fixation when only the *token* > changes > [CVE-2023-46733] (Closes: #1055775)
Please go ahead. Regards, Adam
