Laravel is vulnerable to Mass Assignment. The vulnerability is due to insufficient column quoting for all database drivers, which could allow attackers to perform unauthorized mass assignment operations. If using guarded and passing a user-controlled array into an βupdateβ or βsaveβ function, applications may be at risk.