Anand

**Name of the Vulnerable Software and Affected Versions** spatie/browsershot versions 0.0.0 and later **Description** The issue allows an attacker to include arbitrary files in the resultant PDF by specifying a URL in the `file://` protocol. This can lead to unauthorized access to sensitive information. **Recommendations** For spatie/browsershot version 0.0.0, consider restricting the use of the `file://` protocol to minimize the risk of exploitation. As a temporary workaround, avoid using the `file://` protocol in URLs until a patch is available.