-
CVSS Score
-Basic Information
CVE ID
-
GHSA ID
-
EPSS Score
-
CWE
-
Published
-
Updated
-
KEV Status
-
Technology
-
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AIMiggo AIRoot Cause AnalysisThe key evidence comes from the commit diff showing replacement of v-html with v-text in table-body.vue. Vue's v-html directive directly interprets HTML without sanitization, making it XSS-prone when rendering user-controlled data. The patch specifically addresses this by switching to text interpolation which auto-escapes content. The file path and component match the vulnerability context described in the advisory.
PHPPHPKEV Misses 88% of Exploited CVEs- Get the report
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| krayin/laravel-crm | composer | < 1.2.2 | 1.2.2 |