Danharrin

**Name of the Vulnerable Software and Affected Versions** Filament versions 4.0.0 through 4.8.4 Filament versions 5.0.0 through 5.3.4 **Description** Filament is a collection of full-stack components for accelerated Laravel development. The Table summarizers (`Range`, `Values`) render raw database values without escaping HTML. If data validation is lacking in columns utilizing these summarizers, an attacker could inject malicious HTML or JavaScript, leading to stored cross-site scripting (XSS) that executes for users viewing the table. The vulnerable components are the `Range` and `Values` summarizers. **Recommendations** Filament versions 4.0.0 through 4.8.4 should be updated to version 4.8.5 or later. Filament versions 5.0.0 through 5.3.4 should be updated to version 5.3.5 or later.