CNNVD-202511-541 Information
CNNVD ID
CNNVD-202511-541
Related CVE
- CNNVD Published: 2025-11-06
Description (Chinese)
Laravel File Manager是Aleksandr Manekin个人开发者的一个Laravel文件管理器。 Laravel File Manager 3.3.1版本存在安全漏洞,该漏洞源于允许用户上传创建和重命名HTML和SVG类型文件,且未进行充分的内容类型验证或输出清理,可能导致跨站脚本攻击。
Description (English)
Laravel File Manager is a Laravel file manager for Aleksandr Manekin’s personal developer. There is a security loophole in version 3.3.1 of Laravel File Manager, which stems from allowing users to upload files of HTML and SVG type that are created and renamed without sufficient content type authentication or output clean-up, which may result in a cross-site script attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2025-11-06
Last Modified
2026-02-24
References
https://github.com/Theethat-Thamwasin/CVE-2025-63307 https://github.com/alexusmai/laravel-file-manager https://github.com/Theethat-Thamwasin/CVE-2025-63307/blob/main/POC-CVE-63307.md
Share on: