A vulnerability labeled as problematic has been found in Symfony . This impacts an unknown function of the component HtmlSanitizer URL Parser . Executing a manipulation can lead to clickjacking. This vulnerability appears as CVE-2026-48760 . The attack may be performed from remote. There is no available exploit. The affected component should be upgraded.