Laravel is a web application framework. When using wildcard validation to validate a given file or image field (`files.*`), a user-crafted malicious request could potentially bypass the validation rules. This vulnerability is fixed in 11.44.1 and 12.1.1.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XLaravel Framework
APPLaravel< 11.44.112.0.0 – 12.1.1 (bez)
Related vulnerabilities
Laravel Framework through 8.70.2 does not sufficiently block the upload of executable PHP content because Illu...
The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting du...
The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting du...
Laravel is a web application framework. When the register_argc_argv php directive is set to on , and users cal...
OS Command injection vulnerability in function link in Filesystem.php in Laravel Framework before 5.8.17.