[MEDIUM] symfony/ux-live-component Unsanitized HTML attribute injection via ComponentAttributes

PKSA-9bp8-3bj8-8jj2 CVE-2025-47946 GHSA-5j3w-5pcr-f8hg

Affected version: <2.25.1

Reported by:
GitHub, FriendsOfPHP/security-advisories