Advanced Threat Data Export

Filter and download the raw CVE repository (CSV/JSON) for SIEM integration and internal reporting.

Vulnerability Keyword

Date Range

Severity

Format

Upgrade Package

Data export is locked. Upgrade your package to enable filtering and downloading.

← Back to CVE List

CVE-2024-13919NVD

Description

The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of route parameters in the debug-mode error page.

Severity Level

HIGH (8.0)

Published Date

10/03/2025

Last Modified

24/03/2025

Exploitation Status

UNKNOWN

References

https://github.com/laravel/framework/pull/53869
https://github.com/laravel/framework/releases/tag/v11.36.0
https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20241209-02_Laravel_Reflected_XSS_via_Route_Parameter_in_Debug-Mode_Error_Page
http://www.openwall.com/lists/oss-security/2025/03/10/4