PT-2021-23949 · Laravel · Laravel

Chinpei215 · Published 2021-12-07 · Updated 2022-08-09 · CVE-2021-43808

CVSS v3.1: 6.1 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions: Laravel versions prior to 8.75.0, 7.30.6, and 6.20.42
Description: The issue is a possible cross-site scripting (XSS) vulnerability in the Blade templating engine. It can be exposed if the parent template contains an exploitable HTML structure and the user is able to guess the parent placeholder SHA-1 hash by trying common section names. As a result, a broken HTML element may be clicked, and the user may be taken to another location in their browser due to XSS.
Recommendations: For versions prior to 8.75.0, update to version 8.75.0 or later. For versions prior to 7.30.6, update to version 7.30.6 or later. For versions prior to 6.20.42, update to version 6.20.42 or later.

Weakness Enumeration

XSS
Use of a Broken Cryptographic Algorithm

Related Identifiers

CVE-2021-43808
GHSA-66HF-2P6W-JQFW

Affected Products

Laravel