-
CVSS Score
-Basic Information
CVE ID
-
GHSA ID
-
EPSS Score
-
CWE
-
Published
-
Updated
-
KEV Status
-
Technology
-
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AIMiggo AIRoot Cause AnalysisThe vulnerability exists in the Create User function's handling of SVG files. While exact code isn't available, Laravel's typical MVC structure suggests user creation is handled by a store method in UserController. The researcher's findings show SVG processing in user creation bypassed security controls present in other endpoints. The high confidence comes from: 1) Explicit mention of Create User function in advisories 2) Release notes showing XSS fix in user-related functionality 3) Researcher's proof showing SVG execution context in user creation flow.
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| unopim/unopim | composer | < 0.1.4 | 0.1.4 |
PHPPHPKEV Misses 88% of Exploited CVEs- Get the report