The Backpack\CRUD Backpack component before 3.4.9 for Laravel allows XSS via the select field type.
References
Link | Resource |
---|---|
https://github.com/Laravel-Backpack/CRUD/blob/master/CHANGELOG.md | Release Notes Third Party Advisory |
https://github.com/Laravel-Backpack/CRUD/commit/8b6bd0a2d489a4690f6b1d7ace67e2f07f5f0cc6 | Patch Third Party Advisory |
https://github.com/Laravel-Backpack/CRUD/compare/3.4.8...3.4.9 | Patch Third Party Advisory |
https://github.com/Laravel-Backpack/CRUD/issues/1297 | Exploit Issue Tracking Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-08-08T19:51:49
Updated: 2019-08-08T19:51:49
Reserved: 2019-08-07T00:00:00
Link: CVE-2018-20962
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-08-08T20:15:11.723
Modified: 2019-08-15T20:46:11.230
Link: CVE-2018-20962
JSON object: View
Redhat Information
No data.
CWE