roots/soil is vulnerable to cross-site scripting. The vulnerability exists in the languageAttributes()
function of CleanUpModule.php
due to incorrectly neutralizing the language
argument which allows an attacker to inject and execute malicious JavaScript.
CPE | Name | Operator | Version |
---|---|---|---|
roots/soil | le | 4.0.5 | |
roots/soil | le | 4.0.5 |