[MEDIUM] symfony/ux-twig-component Unsanitized HTML attribute injection via ComponentAttributes

PKSA-1g87-trgd-pt11 CVE-2025-47946 GHSA-5j3w-5pcr-f8hg

Affected version: <2.25.1

Reported by:
GitHub, FriendsOfPHP/security-advisories