PHP| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| laravel/laravel | composer | >= 5.4.0, < 5.4.22 |
| 5.4.22 |
| illuminate/auth | composer | >= 5.3.0, <= 5.3.31 |
| illuminate/auth | composer | >= 5.4.0, < 5.4.22 | 5.4.22 |
| laravel/framework | composer | >= 5.3.0, <= 5.3.31 |
| laravel/framework | composer | >= 5.4.0, < 5.4.22 | 5.4.22 |
Miggo AIRoot Cause AnalysisThe vulnerability stems from password reset URLs being generated without host validation. The commit diff shows the critical change from route() to url(config('app.url').route(...)) in ResetPassword.php's toMail method. This indicates the original route() call was vulnerable to host injection. The function's role in constructing password reset links directly matches the vulnerability description of improper host constraint.
KEV Misses 88% of Exploited CVEs- Get the report
