An issue was discovered in Laravel before 6.18.34 and 7.x before 7.23.2. Unvalidated values are saved to the database in some situations in which table names are stripped during a mass assignment.
References
Link | Resource |
---|---|
https://blog.laravel.com/security-release-laravel-61834-7232 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-09-04T01:28:09
Updated: 2020-09-04T01:28:09
Reserved: 2020-08-28T00:00:00
Link: CVE-2020-24940
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-09-04T02:15:10.723
Modified: 2020-09-11T17:04:26.807
Link: CVE-2020-24940
JSON object: View
Redhat Information
No data.
CWE