{"uuid": "97d6e100-78b5-406d-96d8-606d194452dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13918", "type": "published-proof-of-concept", "source": "https://t.me/brutsecurity/1644", "content": "CVE-2024-13918, -13919: XSS in Laravel Framework, 8.0 rating\u2757\ufe0f\n\nThe vulnerabilities allow an attacker to execute code in the victim's browser via Reflected XSS if the victim clicks on a decoy link.\n\nMore then 770k instances at Netlas.io:\n\ud83d\udc49 Link: https://nt.ls/95OAY\n\ud83d\udc49 Dork: http.headers.set_cookie:\"laravel_session=\"\n\nRead more: https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20241209-01_Laravel_Reflected_XSS_via_Request_Parameter_in_Debug-Mode_Error_Page", "creation_timestamp": "2026-07-11T14:00:04.505992Z"}