The vunerbility is founded in laracms v1.0.1.
Hackers can inject a script in the place where the page is managed.
It's content accept all user input and store to the database. While other user accessing this website will excute the script.
You should filter and escape the output which is picked up from database before show it to the users.
The text was updated successfully, but these errors were encountered:
The vunerbility is founded in laracms v1.0.1.
Hackers can inject a script in the place where the page is managed.
It's content accept all user input and store to the database. While other user accessing this website will excute the script.
You should filter and escape the output which is picked up from database before show it to the users.
The text was updated successfully, but these errors were encountered: