PT-2025-44216 · Laravel+1

Published: 2025-10-28 · Updated: 2025-10-29 · CVE-2025-62798

CVSS v3.1: 5.4 (Medium)

Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions

Sharp versions prior to 9.11.1

Description

Sharp, a content management framework for Laravel, contains a Cross-Site Scripting (XSS) issue in the SharpShowTextField component. Prior to version 9.11.1, expressions enclosed in {{ and }} were processed by Vue, enabling attackers to inject malicious JavaScript or HTML code. This injected code executes within the user's browser when the affected field is displayed. The vulnerability arises from improper handling of expressions during content rendering.

Recommendations

Update to version 9.11.1 or later.
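
An added example, not code from Sharp or from this advisory: a JavaScript check that flags stored text values containing Vue {{ }} interpolations, plus a helper that renders a value inertly with Vue's v-pre directive. The function names and sample records are constructed for illustration, and v-pre is shown as a generic Vue safeguard, not as a description of the 9.11.1 patch.

```javascript
// Added example: audit stored text values for Vue interpolation delimiters.
// All names and sample records here are constructed for illustration.

// Matches a Vue mustache interpolation: "{{", any content, "}}" (non-greedy, multi-line).
const MUSTACHE = /\{\{([\s\S]*?)\}\}/g;

// Return every interpolation expression found in an untrusted string.
function findInterpolations(value) {
  if (typeof value !== 'string') return [];
  return Array.from(value.matchAll(MUSTACHE), (m) => ({
    index: m.index,
    expression: m[1].trim(),
  }));
}

// Scan a list of {id, field, value} records and report those that would be
// evaluated if the value reached a Vue-compiled template unescaped.
function auditRecords(records) {
  return records
    .map((r) => ({ id: r.id, field: r.field, hits: findInterpolations(r.value) }))
    .filter((r) => r.hits.length > 0);
}

// HTML-escape the value and wrap it in an element carrying v-pre, the Vue
// directive that skips compilation for the element and its children.
function renderInert(value) {
  const escaped = String(value)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
  return `<span v-pre>${escaped}</span>`;
}

// Constructed sample data: one benign value, one containing an expression.
const SAMPLE_RECORDS = [
  { id: 1, field: 'title', value: 'Quarterly report' },
  { id: 2, field: 'title', value: 'Total: {{ 1 + 1 }} items' },
  { id: 3, field: 'summary', value: 'Uses braces { like this } only' },
];

const findings = auditRecords(SAMPLE_RECORDS);
console.log(JSON.stringify(findings, null, 2));
console.log(renderInert(SAMPLE_RECORDS[1].value));
```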

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2025-62798
GHSA-9F58-4465-23C7

Affected Products

Laravel
Sharp