GHSA-fcmh-7492-g4q9, CVE-2019-17433
packagist/encore/laravel-admin
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
z-song laravel-admin 1.7.3 has XSS via the Slug or Name on the Roles screen, because of mishandling on the "Operation log" screen.
Version 1.7.3
Unfortunately, there is no solution available yet.
2024-02-02
source |