EPSS
Percentile
24.8%
encore/laravel-admin is vulnerable to cross-site scripting (XSS). It is possible because it does not properly handle the “Operation Log” screen, allowing an attacker to inject arbitrary script through Slug or Name parameters on the Roles screen.
github.com/z-song/laravel-admin/issues/3847