GHSA-297g-xg4h-7w4c

Suggest an improvement
Source
https://github.com/advisories/GHSA-297g-xg4h-7w4c
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/05/GHSA-297g-xg4h-7w4c/GHSA-297g-xg4h-7w4c.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-297g-xg4h-7w4c
Published
2024-05-15T21:54:05Z
Modified
2024-11-29T05:23:08.769002Z
Severity
  • 4.7 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N CVSS Calculator
Summary
Laravel Cross-site Scripting vulnerability in blade templating
Details

Laravel is prone to a Cross-site Scripting vulnerability in blade templating.

Database specific 
{
    "nvd_published_at": null,
    "cwe_ids": [
        "CWE-79"
    ],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2024-05-15T21:54:05Z"
}
References

Affected packages

Packagist / illuminate/view

Package

Name
illuminate/view
Purl
pkg:composer/illuminate/view

Affected ranges

Type
ECOSYSTEM
Events
Introduced
7.0.0
Fixed
7.1.2

Affected versions

v7.*

v7.0.0
v7.0.1
v7.0.2
v7.0.3
v7.0.4
v7.0.5
v7.0.6
v7.0.7
v7.0.8
v7.1.0
v7.1.1