PT-2025-45330

alexusmai laravel-file-manager 3.3.1 is vulnerable to Cross Site Scripting XSS. The application permits user-controlled upload, create, and rename of files to HTML and SVG types and serves those files inline without adequate content-type validation or output sanitization...