CVE-2021-43808MEDIUM≥ 0, < 6.20.42·≥ 7.0.0, < 7.30.6+1 more2021-12-08
CVE-2021-43808 [MEDIUM] CWE-327 Laravel Framework XSS in Blade templating engine
Laravel Framework XSS in Blade templating engine
A security researcher has disclosed a possible XSS vulnerability in the Blade templating engine.
Given the following two Blade templates:
resources/views/parent.blade.php:
```html
@section('content')
@show
```
resources/views/child.blade.php:
```html
@extends('parent')
@section('content')
@endsection
```
And a route like the following:
```php
Route::get('/e
ghsaosv