Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:7267
HistoryAug 10, 2018 - 10:23 a.m.

Remote Code Execution (RCE)

2018-08-1010:23:09
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
17

0.969 High

EPSS

Percentile

99.7%

laravel/framework is vulnerable to remote code execution (RCE). It can occur because there is an unserialized call on the potentially untrusted X-XSRF-TOKEN value. The attacker can execute arbitrary code when decrypting certain files if they have access to the application key.