Laravel: >> Framework >> 11.35.0 Security Vulnerabilities
The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of route parameters in the debug-mode error page.
CVSS Score
8.0
EPSS Score
0.0
Published
2025-03-10
The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of request parameters in the debug-mode error page.
CVSS Score
8.0
EPSS Score
0.0
Published
2025-03-10
Laravel is a web application framework. When using wildcard validation to validate a given file or image field (`files.*`), a user-crafted malicious request could potentially bypass the validation rules. This vulnerability is fixed in 11.44.1 and 12.1.1.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-03-05