Reflected Cross-Site Scripting (Reflected XSS)

laravel/framework is vulnerable to Reflected Cross-Site Scripting Reflected XSS. The vulnerability is due to improper encoding of route parameters in the debug-mode error page, allows an attacker to inject and execute malicious scripts in a victim’s browser by tricking them into visiting a...

The vulnerability of the Debug Mode mode in the Laravel PHP framework allows attackers to perform cross-site scripting attacks.

The vulnerability of the Debug Mode mode in the Laravel PHP framework is related to the lack of protective measures for the web page structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

SAP Web Dispatcher和SAP Internet Communication Manager 日志信息泄露漏洞

SAP Web Dispatcher and SAP Internet Communication Manager SAP ICM are both products of SAP, Germany. SAP Web Dispatcher is a core component of Load Balancing, which supports load balancing and provides reverse proxy functionality to enable external users to access internal applications. SAP...

Cross-site Scripting (XSS)

Overview laravel/framework is a PHP framework for web artisans. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to improper encoding of request parameters in the debug-mode error page. When the application runs with APPDEBUG=true and encounters an error, the...

GHSA-83WP-F5C3-HQQR Laravel framework susceptible to reflected cross-site scripting

The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of route parameters in the debug-mode error page...

Laravel framework susceptible to reflected cross-site scripting

The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of request parameters in the debug-mode error page...

GHSA-546H-56QP-8JMW Laravel framework susceptible to reflected cross-site scripting

The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of request parameters in the debug-mode error page...

Cross-site Scripting (XSS)

Overview laravel/framework is a PHP framework for web artisans. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to improper encoding of route parameters in the debug-mode error page. When the application is in debug mode APPDEBUG=true and encounters an error, the...

CVE-2024-13919

The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of route parameters in the debug-mode error page...

CVE-2024-13919

The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of route parameters in the debug-mode error page...

CVE-2024-13919 Laravel Reflected XSS via Route Parameter in Debug-Mode Error Page

The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of route parameters in the debug-mode error page...

CVE-2024-13919

The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of route parameters in the debug-mode error page...

CVE-2024-13919 Laravel Reflected XSS via Route Parameter in Debug-Mode Error Page

The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of route parameters in the debug-mode error page...

CVE-2024-13919

The CVE-2024-13919 entry concerns Laravel framework versions 11.9.0 to 11.35.1, which are vulnerable to reflected cross-site scripting due to improper encoding of route parameters on the debug-mode error page. Affected component: Laravel routing/debug-mode error page handling. Root cause (as stat...

CVE-2024-13918 Laravel Reflected XSS via Request Parameter in Debug-Mode Error Page

The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of request parameters in the debug-mode error page...

CVE-2024-13918 Laravel Reflected XSS via Request Parameter in Debug-Mode Error Page

The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of request parameters in the debug-mode error page...

CVE-2024-13918

The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of request parameters in the debug-mode error page...

CVE-2024-13918

CVE-2024-13918 (Laravel) affects Laravel framework versions 11.9.0 through 11.35.1, where a reflected cross-site scripting vulnerability arises from improper encoding of request parameters in the debug-mode error page. The root cause is the failure to encoding user input on the debug error page, ...

PT-2025-10571 · Laravel +1 · Laravel +1

Name of the Vulnerable Software and Affected Versions: Laravel framework versions 11.9.0 through 11.35.1 Description: The Laravel framework is susceptible to reflected cross-site scripting due to an improper encoding of request parameters in the debug-mode error page. This issue allows an attacke...

Laravel Framework 跨站脚本漏洞

Laravel Framework is a PHP-based web application development framework from the individual developer Taylor Otwell. A security vulnerability exists in Laravel Framework versions 11.9.0 through 11.35.1, which stems from improper coding of request parameters on a debug mode error page and could lea...