6.1 Medium
AI Score
Confidence
High
Laravel 7.1.2 addresses a possible XSS related attack vector in the Laravel 7.x Blade Component tag attributes when users are allowed to dictate the value of attributes. All Laravel 7.x users are encouraged to upgrade as soon as possible.
blog.laravel.com/security-laravel-712-released
github.com/FriendsOfPHP/security-advisories/blob/master/laravel/framework/2020-03-13-1.yaml
github.com/laravel/framework
github.com/laravel/framework/pull/31945
github.com/laravel/framework/releases/tag/v7.1.2