Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

WS-2022-0195

Good to know:

icon

Date: July 3, 2022

Multiple Stored XSS in filamentphp/filament before 2.3.16

Language: PHP

Severity Score

Related Resources (2)

https://github.com/filamentphp/filament/commit/2d2c95a442f414a64c955d2d1f90c35f15a45457
https://www.mend.io/vulnerability-database/WS-2022-0195

Severity Score

Weakness Type (CWE)

Server-Side Request Forgery (SSRF)

CWE-918

Top Fix

icon

Upgrade Version

Upgrade to version filament/forms - v2.5.7;filament/forms - v2.0.14;filament/forms - v2.4.33;filament/forms - v2.0.0-beta26;filament/forms - v2.11.2;filament/forms - v2.6.2;filament/forms - v2.11.5;filament/forms - v2.13.1;filament/forms - v2.9.5;filament/forms - v2.13.16;filament/forms - v2.2.2;filament/forms - v2.9.14;filament/forms - v2.0.0-beta20;filament/forms - v2.3.6;filament/forms - v2.9.9;filament/forms - v2.10.43;filament/forms - v2.0.0-beta3;filament/forms - v2.6.0;filament/forms - v2.10.12;filament/forms - v2.7.5;filament/forms - v2.0.2;filament/forms - v2.0.0;filament/forms - v2.10.41;filament/forms - v2.9.3;filament/forms - v2.10.0-beta1;filament/forms - v2.10.29;filament/forms - v2.4.42;filament/forms - v2.12.21;filament/forms - v2.4.6;filament/forms - v2.5.0-beta1;makogai/filament-non-typed - v2.10.18;makogai/filament-non-typed - v2.10.1;makogai/filament-non-typed - v2.6.2;makogai/filament-non-typed - v2.10.15;makogai/filament-non-typed - v2.0.0-beta24;makogai/filament-non-typed - v2.10.5;makogai/filament-non-typed - v2.3.4;makogai/filament-non-typed - v2.4.48;makogai/filament-non-typed - v2.9.14;makogai/filament-non-typed - v2.10.11;makogai/filament-non-typed - 2.x-dev;makogai/filament-non-typed - v2.10.22;makogai/filament-non-typed - v2.8.9;besrabasant/filament-admin - v2.0.0-beta22;besrabasant/filament-admin - v2.4.11;besrabasant/filament-admin - v2.0.4;besrabasant/filament-admin - v2.0.0-beta11;besrabasant/filament-admin - v2.4.30;besrabasant/filament-admin - v2.1.3;besrabasant/filament-admin - v2.4.25;besrabasant/filament-admin - v2.0.10;besrabasant/filament-admin - v2.3.4;besrabasant/filament-admin - v2.4.8;besrabasant/filament-admin - dev-main;besrabasant/filament - 2.x-dev;besrabasant/filament-forms - no_fix;filament/filament - 2.x-dev;newcbt/filament - 2.x-dev;newcbt/filament - v2.13.16

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): LOCAL
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): HIGH

Do you need more information?

Contact Us