Security: Laravel 7.1.2 Released

Mar, 13 2020

Today we released Laravel 7.1.2 to address a possible XSS related attack vector in the Laravel 7.x Blade Component tag attributes when users are allowed to dictate the value of attributes. All Laravel 7.x users are encouraged to upgrade as soon as possible.

We would like to thank community member Anders Fajerson for bringing this to our attention.

By Taylor Otwell

Creator of Laravel.

Follow the RSS Feed.