
GHSA-297g-xg4h-7w4c: Laravel Cross-site Scripting vulnerability in blade templating

CVSS 3.1 Score: 4.7

Basic Information

CVE ID: -
EPSS Score: -
Published: 5/15/2024
Updated: 5/15/2024
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

Package Name: illuminate/view
Ecosystem: composer
Vulnerable Versions: >= 7.0.0, < 7.1.2
First Patched Version: 7.1.2

Vulnerability Intelligence
Root Cause Analysis

The vulnerability stems from how Blade component attributes were processed. In vulnerable versions (<7.1.2), the ComponentTagCompiler's attributesToString method did not automatically escape string values bound to component attributes. This allowed XSS when user-controlled data was passed to Blade components without manual escaping. The fix in 7.1.2 introduced proper escaping through the $escapeBound parameter, confirming that the lack of automatic escaping in this specific method was the root cause. The pull request (laravel/framework#31945) directly modifies this method's behavior to address the XSS vulnerability.
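To make the root cause concrete, here is an added illustration (not Laravel's own code) of the two shapes the advisory contrasts: a compiler step that concatenates bound attribute values verbatim, and the same step with an $escapeBound switch that HTML-escapes every bound value before it reaches the tag. The function names and the attribute data are constructed for this example.

```php
<?php
// Added illustration, not Laravel's ComponentTagCompiler: a minimal stand-in
// for the step that turns bound component attributes into an HTML string.

// Vulnerable shape: bound values are concatenated without escaping, so a
// user-controlled string lands in the rendered tag exactly as supplied.
function attributesToStringUnescaped(array $attributes): string
{
    $parts = [];
    foreach ($attributes as $name => $value) {
        $parts[] = $name . '="' . $value . '"';
    }
    return implode(' ', $parts);
}

// Fixed shape: an $escapeBound switch (mirroring the parameter name the
// advisory mentions) applies attribute-safe HTML escaping to every bound value.
// ENT_QUOTES matters: without it a double quote would still close the attribute.
function attributesToStringEscaped(array $attributes, bool $escapeBound = true): string
{
    $parts = [];
    foreach ($attributes as $name => $value) {
        if ($escapeBound) {
            $value = htmlspecialchars((string) $value, ENT_QUOTES | ENT_HTML5, 'UTF-8');
        }
        $parts[] = $name . '="' . $value . '"';
    }
    return implode(' ', $parts);
}

// Constructed user input: a quote that tries to terminate the title attribute
// and start a new, event-handler attribute on the same element.
$userInput = '" onmouseover="alert(1)';

// Unescaped: the quote closes title and the injected handler becomes live markup.
echo '<div ' . attributesToStringUnescaped(['title' => $userInput]) . '></div>', PHP_EOL;

// Escaped: the quote is encoded, so the whole string stays inside the title value.
echo '<div ' . attributesToStringEscaped(['title' => $userInput]) . '></div>', PHP_EOL;
```

In a real Blade template the same effect is what you get by letting the framework escape bound attributes by default and reserving unescaped output for values you have already sanitised yourself.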


WAF Protection Rules

WAF Rule

Laravel is prone to a Cross-site Scripting vulnerability in blade templating.
