Vulnerability DatabaseWS-2018-0600
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
WS-2018-0600
Published:May 19, 2026
Updated:May 19, 2026
quill before 1.3.7 is vulnerable to Reverse Tabnabbing. The package uses target='_blank' in anchor tags, allowing attackers to access window.opener for the original page when opening links. This is commonly used for phishing attacks.
Affected Packages
quill (CDN_JS):
Affected version(s) >=0.15.0 <1.3.7
Fix Suggestion:
Update to version 1.3.7
quill (CDN_JS):
Affected version(s) >=2.0.0-dev.0 <2.0.0
Fix Suggestion:
Update to version 2.0.0
panel (CONDA):
Affected version(s) >=1.2.1 <1.2.3
Fix Suggestion:
Update to version 1.2.3
panel (CONDA):
Affected version(s) >=0.13.0 <0.14.4
Fix Suggestion:
Update to version 0.14.4
panel (CONDA):
Affected version(s) >=1.0.2 <1.2.0
Fix Suggestion:
Update to version 1.2.0
quill (NPM):
Affected version(s) >=0.1.0 <1.3.7
Fix Suggestion:
Update to version 1.3.7
quill (NPM):
Affected version(s) >=2.0.0-dev.0 <2.0.0
Fix Suggestion:
Update to version 2.0.0
autodomain.modules.core.blazor (NUGET):
Affected version(s) >=4.1.203.3 <4.1.205
Fix Suggestion:
Update to version 4.1.205
commonweb (NUGET):
Affected version(s) >=2.0.0-alpha017 <2.0.0-alpha025
Fix Suggestion:
Update to version 2.0.0-alpha025
commonweb (NUGET):
Affected version(s) >=2.0.0-alpha037 <2.0.3-alpha005
Fix Suggestion:
Update to version 2.0.3-alpha005
commonweb (NUGET):
Affected version(s) >=2.0.0-alpha028 <2.0.0-alpha036
Fix Suggestion:
Update to version 2.0.0-alpha036
pwptemplatecms (NUGET):
Affected version(s) >=0.0.1 <=0.0.2
Fix Suggestion:
Update to version no_fix
fsw (NUGET):
Affected version(s) >=4.2.1.12 <=4.2.2.3
Fix Suggestion:
Update to version no_fix
bizblocks (NUGET):
Affected version(s) >=1.16.19 <=1.22.0
Fix Suggestion:
Update to version no_fix
chrisbraybrooke/laravel-ecommerce (PHP):
Affected version(s) >=0.0.4 <0.0.17
Fix Suggestion:
Update to version 0.0.17
jackh/yii2-aurora (PHP):
Affected version(s) =dev-master <1.0.0
Fix Suggestion:
Update to version 1.0.0
obaydmerz/heroadm (PHP):
Affected version(s) >=dev-master <=1.0
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base-fields (PHP):
Affected version(s) =1.0.4 <v1.0.4
Fix Suggestion:
Update to version v1.0.4
barrelstrength/sprout-base (PHP):
Affected version(s) =2.0.8 <v2.0.8
Fix Suggestion:
Update to version v2.0.8
hillelcoren/invoice-ninja (PHP):
Affected version(s) =v5.3.19 <v5.3.20
Fix Suggestion:
Update to version v5.3.20
capile/tecnodesign (PHP):
Affected version(s) >=2.2.8 <2.2.21
Fix Suggestion:
Update to version 2.2.21
salvatori/svcms (PHP):
Affected version(s) >=dev-master <=v1.0.0-alpha
Fix Suggestion:
Update to version no_fix
revise/prime-cms (PHP):
Affected version(s) >=0.2.11 <0.3.0
Fix Suggestion:
Update to version 0.3.0
revise/prime-cms (PHP):
Affected version(s) >=dev-aras <0.1.0
Fix Suggestion:
Update to version 0.1.0
webreinvent/vaahcms (PHP):
Affected version(s) >=dev-feature/upgrading-to-laravel-6 <dev-snyk-upgrade-2b3a06ccbfca46e8040f51a35d96da64
Fix Suggestion:
Update to version dev-snyk-upgrade-2b3a06ccbfca46e8040f51a35d96da64
barrelstrength/sprout-base (PHP):
Affected version(s) =4.0.3 <v4.0.3
Fix Suggestion:
Update to version v4.0.3
groupefbo/ezframe (PHP):
Affected version(s) >=dev-main <=1.10.11
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base (PHP):
Affected version(s) =1.1.0 <v1.1.0
Fix Suggestion:
Update to version v1.1.0
developeroncall/larateme (PHP):
Affected version(s) =dev-master <v1.0
Fix Suggestion:
Update to version v1.0
jd-dotlogics/laravel-admin (PHP):
Affected version(s) >=2.0.21 <2.0.23
Fix Suggestion:
Update to version 2.0.23
barrelstrength/sprout-base (PHP):
Affected version(s) =2.0.3 <v2.0.3
Fix Suggestion:
Update to version v2.0.3
barrelstrength/sprout-base-fields (PHP):
Affected version(s) >=v1.x-dev <v1.0.1
Fix Suggestion:
Update to version v1.0.1
mikebywater/kafka-author (PHP):
Affected version(s) >=0.3 <=0.6
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base (PHP):
Affected version(s) =1.1.3 <v1.1.3
Fix Suggestion:
Update to version v1.1.3
chrisbraybrooke/laravel-ecommerce (PHP):
Affected version(s) =dev-dev <dev-form-field-key
Fix Suggestion:
Update to version dev-form-field-key
dimaslanjaka/universal-framework (PHP):
Affected version(s) =dev-smm-cpanel <dev-snyk-fix-20c856194ba899c370807ce70750adf2
Fix Suggestion:
Update to version dev-snyk-fix-20c856194ba899c370807ce70750adf2
yousry943/easyadmin (PHP):
Affected version(s) >=dev-master <dev-dependabot/composer/league/flysystem-1.1.4
Fix Suggestion:
Update to version dev-dependabot/composer/league/flysystem-1.1.4
webreinvent/vaahcms (PHP):
Affected version(s) >=v0.1.4 <v0.2.4
Fix Suggestion:
Update to version v0.2.4
juraev/quill (PHP):
Affected version(s) =dev-master <v0.0.1
Fix Suggestion:
Update to version v0.0.1
barrelstrength/sprout-base (PHP):
Affected version(s) =dev-feature/sprout-settings <dev-dependabot/npm_and_yarn/websocket-extensions-0.1.4
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/websocket-extensions-0.1.4
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.8 <v3.0.8
Fix Suggestion:
Update to version v3.0.8
barrelstrength/sprout-notes (PHP):
Affected version(s) =2.2.2 <v2.2.2
Fix Suggestion:
Update to version v2.2.2
barrelstrength/sprout-base (PHP):
Affected version(s) =2.0.4 <v2.0.4
Fix Suggestion:
Update to version v2.0.4
acacha/events (PHP):
Affected version(s) =dev-master <0.1.0
Fix Suggestion:
Update to version 0.1.0
redwine/redwine (PHP):
Affected version(s) =dev-master <dev-new-version
Fix Suggestion:
Update to version dev-new-version
jorry2008/dcat-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
qsnh/meedu (PHP):
Affected version(s) =v1.0 <dev-dependabot/npm_and_yarn/path-parse-1.0.7
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/path-parse-1.0.7
default64bit/ratech-admin (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
didrive/base (PHP):
Affected version(s) >=2.15.0 <=2.16.0
Fix Suggestion:
Update to version no_fix
didrive/base (PHP):
Affected version(s) =dev-stable <0.0.1
Fix Suggestion:
Update to version 0.0.1
xzprod/quill-widget (PHP):
Affected version(s) >=dev-master <=1.0
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base-fields (PHP):
Affected version(s) =1.0.3 <v1.0.3
Fix Suggestion:
Update to version v1.0.3
oburatongoi/productivity (PHP):
Affected version(s) >=0.3.10 <=0.4.45
Fix Suggestion:
Update to version no_fix
juzaweb/juzacms (PHP):
Affected version(s) =dev-v5-beta <dev-bugfix/220-admin-prefix
Fix Suggestion:
Update to version dev-bugfix/220-admin-prefix
barrelstrength/sprout-base (PHP):
Affected version(s) =2.0.7 <v2.0.7
Fix Suggestion:
Update to version v2.0.7
smartysoft/yii2-smartysoft-ample (PHP):
Affected version(s) >=dev-dev <=2.4.4
Fix Suggestion:
Update to version no_fix
juzaweb/laravel-cms (PHP):
Affected version(s) =dev-v5-beta <dev-feature/laravel-9-support
Fix Suggestion:
Update to version dev-feature/laravel-9-support
drongotech/applicationinfo (PHP):
Affected version(s) >=v1.0.0 <v1.2.0
Fix Suggestion:
Update to version v1.2.0
jd-dotlogics/laravel-admin (PHP):
Affected version(s) >=2.0.18 <2.0.20
Fix Suggestion:
Update to version 2.0.20
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.3 <v3.0.3
Fix Suggestion:
Update to version v3.0.3
hillelcoren/invoice-ninja (PHP):
Affected version(s) >=v4.5.13 <v4.5.32
Fix Suggestion:
Update to version v4.5.32
pceuropa/yii2-forms (PHP):
Affected version(s) >=2.0.0 <=3.0.4
Fix Suggestion:
Update to version no_fix
ozzzzam/flarum-ext-quill-with-image (PHP):
Affected version(s) =dev-master <0.1.0-beta.1
Fix Suggestion:
Update to version 0.1.0-beta.1
barrelstrength/sprout-notes (PHP):
Affected version(s) =v2.x-dev <v2.0.1
Fix Suggestion:
Update to version v2.0.1
barrelstrength/sprout-base-fields (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/is-svg-and-postcss-svgo--removed <dev-dependabot/npm_and_yarn/json-schema-and-jsprim-0.4.0
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/json-schema-and-jsprim-0.4.0
satriotol/fastcrud (PHP):
Affected version(s) >=dev-master <10.x-dev
Fix Suggestion:
Update to version 10.x-dev
moman13/dashboard-setup (PHP):
Affected version(s) =1.0.0
Fix Suggestion:
Update to version no_fix
nowyouwerkn/wecommerce (PHP):
Affected version(s) =dev-mars <dev-moon
Fix Suggestion:
Update to version dev-moon
barrelstrength/sprout-base-fields (PHP):
Affected version(s) =1.0.6 <v1.0.6
Fix Suggestion:
Update to version v1.0.6
barrelstrength/sprout-base (PHP):
Affected version(s) =4.0.2 <v4.0.2
Fix Suggestion:
Update to version v4.0.2
rekamy/generator (PHP):
Affected version(s) >=v2.0.0 <v2.0.7
Fix Suggestion:
Update to version v2.0.7
webcosmonauts/alder (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
hillelcoren/invoice-ninja (PHP):
Affected version(s) >=v4.5.33 <v4.5.45
Fix Suggestion:
Update to version v4.5.45
erjon/cone (PHP):
Affected version(s) >=dev-main <=1.1
Fix Suggestion:
Update to version no_fix
madtechservices/theme-madmin (PHP):
Affected version(s) >=dev-imgbot <=v0.0.23
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.4 <v3.0.4
Fix Suggestion:
Update to version v3.0.4
barrelstrength/sprout-base (PHP):
Affected version(s) =4.0.5 <v4.0.5
Fix Suggestion:
Update to version v4.0.5
globit/laravel-ticket (PHP):
Affected version(s) >=dev-master <=1.0.1
Fix Suggestion:
Update to version no_fix
ozzzzam/flarum-ext-quill-with-image (PHP):
Affected version(s) =0.1.0-beta.2
Fix Suggestion:
Update to version no_fix
warrenkfz/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
moonshine/moonshine (PHP):
Affected version(s) >=1.51.0 <1.52.0
Fix Suggestion:
Update to version 1.52.0
mostafa0alii/dashboard-builder (PHP):
Affected version(s) >=dev-master <=1.0.5
Fix Suggestion:
Update to version no_fix
webreinvent/vaahcms (PHP):
Affected version(s) =dev-feature/db-based-localization <dev-feature/developing-vaahvue
Fix Suggestion:
Update to version dev-feature/developing-vaahvue
andmarruda/sbblog (PHP):
Affected version(s) >=dev-feature-upgrade-laravel <=v1.0.3
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base (PHP):
Affected version(s) =2.0.5 <v2.0.5
Fix Suggestion:
Update to version v2.0.5
hillelcoren/invoice-ninja (PHP):
Affected version(s) =dev-develop <dev-eway
Fix Suggestion:
Update to version dev-eway
barrelstrength/sprout-notes (PHP):
Affected version(s) =2.2.3 <v2.2.3
Fix Suggestion:
Update to version v2.2.3
dfront-br/jetstream-crud (PHP):
Affected version(s) =dev-master <0.0.1
Fix Suggestion:
Update to version 0.0.1
guysolamour/laravel-administrable (PHP):
Affected version(s) =dev-master <v0.1
Fix Suggestion:
Update to version v0.1
tig-irapuato/larasuu (PHP):
Affected version(s) =dev-main
Fix Suggestion:
Update to version no_fix
codegaf/crudgenerator (PHP):
Affected version(s) >=dev-develop <dev-master
Fix Suggestion:
Update to version dev-master
jawad-topdot/laravel-admin (PHP):
Affected version(s) =1.0.11 <1.0.12
Fix Suggestion:
Update to version 1.0.12
webreinvent/vaahcms (PHP):
Affected version(s) =dev-feature/config-fixes <dev-feature/database-export-and-import
Fix Suggestion:
Update to version dev-feature/database-export-and-import
sky9th/skycms (PHP):
Affected version(s) >=dev-dev <v2.1
Fix Suggestion:
Update to version v2.1
jawad-topdot/laravel-admin (PHP):
Affected version(s) >=dev-master <1.0.10
Fix Suggestion:
Update to version 1.0.10
capile/tecnodesign (PHP):
Affected version(s) >=2.3.34 <2.3.80
Fix Suggestion:
Update to version 2.3.80
develogs/panel (PHP):
Affected version(s) >=0 <=v1.4
Fix Suggestion:
Update to version no_fix
webup/laravel-blog (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/decode-uri-component-0.2.2 <0.3
Fix Suggestion:
Update to version 0.3
sledov/flarum-ext-quill (PHP):
Affected version(s) =0.1.0-beta.2
Fix Suggestion:
Update to version no_fix
sina/shuttle (PHP):
Affected version(s) =v2.x-dev
Fix Suggestion:
Update to version no_fix
webreinvent/vaahcms (PHP):
Affected version(s) =0.2.5 <v0.2.5
Fix Suggestion:
Update to version v0.2.5
liteas98/cp (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
baoshi/laravel9-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
barrelstrength/sprout-base (PHP):
Affected version(s) =1.1.4 <v1.1.4
Fix Suggestion:
Update to version v1.1.4
barrelstrength/sprout-base (PHP):
Affected version(s) =1.1.6 <v1.1.6
Fix Suggestion:
Update to version v1.1.6
ofilin/yii2-quill (PHP):
Affected version(s) >=dev-master <=0.3.4
Fix Suggestion:
Update to version no_fix
nowyouwerkn/wecommerce (PHP):
Affected version(s) >=dev-patches <dev-satellite
Fix Suggestion:
Update to version dev-satellite
jawad-topdot/laravel-admin (PHP):
Affected version(s) >=1.0.13 <1.0.21
Fix Suggestion:
Update to version 1.0.21
westsoftware/acl2 (PHP):
Affected version(s) >=dev-dependabot/composer/symfony/http-kernel-4.4.39 <=dev-dependabot/composer/symfony/http-kernel-4.4.50
Fix Suggestion:
Update to version no_fix
dcat-xk/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
guysolamour/laravel-administrable (PHP):
Affected version(s) >=dev-dependabot/bundler/docs/nokogiri-1.11.5 <dev-dependabot/bundler/docs/nokogiri-1.13.3
Fix Suggestion:
Update to version dev-dependabot/bundler/docs/nokogiri-1.13.3
barrelstrength/sprout-base (PHP):
Affected version(s) =4.0.1 <v4.0.1
Fix Suggestion:
Update to version v4.0.1
jackchow/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
zrkb/nexus (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/loader-utils-and-resolve-url-loader-1.4.2 <dev-dependabot/npm_and_yarn/url-parse-1.5.7
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/url-parse-1.5.7
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.10 <v3.0.10
Fix Suggestion:
Update to version v3.0.10
odaiatef/crudbooster (PHP):
Affected version(s) >=v1.0.0 <2.1.x-dev
Fix Suggestion:
Update to version 2.1.x-dev
rdp77/veyaz (PHP):
Affected version(s) =v2.x-dev
Fix Suggestion:
Update to version no_fix
dfront-br/jetstream-crud (PHP):
Affected version(s) >=0.0.2 <=0.0.8
Fix Suggestion:
Update to version no_fix
webreinvent/vaahcms (PHP):
Affected version(s) >=dev-release/modules-and-themes-installation-fixes <dev-release/vaahcms-setup
Fix Suggestion:
Update to version dev-release/vaahcms-setup
yourock/quill (PHP):
Affected version(s) >=dev-master <=v1.0.1
Fix Suggestion:
Update to version no_fix
webreinvent/vaahcms (PHP):
Affected version(s) =dev-feature/admin-middleware-fixes <dev-feature/advanced-jobs-setion
Fix Suggestion:
Update to version dev-feature/advanced-jobs-setion
oburatongoi/productivity (PHP):
Affected version(s) =dev-master <0.0.1
Fix Suggestion:
Update to version 0.0.1
revise/prime-cms (PHP):
Affected version(s) =0.3.5 <0.3.6
Fix Suggestion:
Update to version 0.3.6
westsoft/acl (PHP):
Affected version(s) =dev-master <v0.0.8-beta
Fix Suggestion:
Update to version v0.0.8-beta
hillelcoren/invoice-ninja (PHP):
Affected version(s) =v5.0.28 <v5.0.29
Fix Suggestion:
Update to version v5.0.29
maxiter/maxiter (PHP):
Affected version(s) >=dev-develop <=dev-feature/0014
Fix Suggestion:
Update to version no_fix
itshayu/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
barrelstrength/sprout-base-fields (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/eventsource-1.1.1 <dev-dependabot/npm_and_yarn/minimist-1.2.6
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/minimist-1.2.6
odaiatef/crudbooster (PHP):
Affected version(s) =dev-main <dev-master
Fix Suggestion:
Update to version dev-master
visanduma/laravel-formy (PHP):
Affected version(s) >=dev-inertia-ready <=dev-main
Fix Suggestion:
Update to version no_fix
odaiatef/crudbooster (PHP):
Affected version(s) =v5.6.x-dev <v6.0-beta.1
Fix Suggestion:
Update to version v6.0-beta.1
wmlc/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
thans/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
ekxs/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
barrelstrength/sprout-base (PHP):
Affected version(s) =1.1.5 <v1.1.5
Fix Suggestion:
Update to version v1.1.5
jd-dotlogics/laravel-admin (PHP):
Affected version(s) =2.0.10 <2.0.11
Fix Suggestion:
Update to version 2.0.11
omerz/heroadm (PHP):
Affected version(s) >=dev-master <=1.0
Fix Suggestion:
Update to version no_fix
mikebywater/kafka-author (PHP):
Affected version(s) =dev-master <0.1
Fix Suggestion:
Update to version 0.1
orzcc/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
karlito-web/layouts (PHP):
Affected version(s) >=4.0.1 <=5.0.4
Fix Suggestion:
Update to version no_fix
liushoukun/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
capile/tecnodesign (PHP):
Affected version(s) >=2.2.5 <2.2.7
Fix Suggestion:
Update to version 2.2.7
zrkb/nexus (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/engine.io-and-browser-sync-6.2.1 <dev-dependabot/npm_and_yarn/minimist-1.2.6
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/minimist-1.2.6
nowyouwerkn/wecommerce (PHP):
Affected version(s) >=dev-design <dev-main
Fix Suggestion:
Update to version dev-main
webreinvent/vaahcms (PHP):
Affected version(s) >=dev-feature/vikram-study <dev-hotfix/installation-issue-settings.json-removed
Fix Suggestion:
Update to version dev-hotfix/installation-issue-settings.json-removed
hillelcoren/invoice-ninja (PHP):
Affected version(s) =v4.6.0 <dev-v5-stable
Fix Suggestion:
Update to version dev-v5-stable
digitalfront/livewire (PHP):
Affected version(s) >=dev-master <=0.0.3
Fix Suggestion:
Update to version no_fix
lee-to/moonshine (PHP):
Affected version(s) >=1.51.0 <2.x-dev
Fix Suggestion:
Update to version 2.x-dev
jybtx/backstaged-management (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
nuradev/nura24 (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/url-parse-1.5.1 <dev-dependabot/npm_and_yarn/url-parse-1.5.3
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/url-parse-1.5.3
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.6 <v3.0.6
Fix Suggestion:
Update to version v3.0.6
moeen1/helpsupport (PHP):
Affected version(s) >=dev-main <=v1.4.0
Fix Suggestion:
Update to version no_fix
guysolamour/laravel-administrable (PHP):
Affected version(s) >=dev-dependabot/bundler/docs/nokogiri-1.13.6 <v2.0
Fix Suggestion:
Update to version v2.0
opoink/framework (PHP):
Affected version(s) =v1.2.0-beta.1 <v1.2.0
Fix Suggestion:
Update to version v1.2.0
mrmarchone/kayan (PHP):
Affected version(s) >=dev-main <=1.0.0
Fix Suggestion:
Update to version no_fix
deshiserver/heroui (PHP):
Affected version(s) >=dev-main <=v2.0.9
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base (PHP):
Affected version(s) =1.0.3 <v1.0.3
Fix Suggestion:
Update to version v1.0.3
didrive/cms (PHP):
Affected version(s) >=0.0.2 <1.0.0
Fix Suggestion:
Update to version 1.0.0
bakerysoft/laravelbakerysoft (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base (PHP):
Affected version(s) =1.0.6 <v1.0.6
Fix Suggestion:
Update to version v1.0.6
opoink/framework (PHP):
Affected version(s) >=v1.1.0 <v1.2.0-beta
Fix Suggestion:
Update to version v1.2.0-beta
webreinvent/vaahcms (PHP):
Affected version(s) =dev-feature/one-vue-app-per-module <dev-feature/permission-page
Fix Suggestion:
Update to version dev-feature/permission-page
webreinvent/vaahcms (PHP):
Affected version(s) >=dev-release/installable-setup <dev-release/minor-release-column-indexes
Fix Suggestion:
Update to version dev-release/minor-release-column-indexes
nuradev/nura24 (PHP):
Affected version(s) =dev-dependabot/composer/laravel/framework-8.40.0
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base (PHP):
Affected version(s) >=v1.x-dev <v1.0.2
Fix Suggestion:
Update to version v1.0.2
nowyouwerkn/wecommerce (PHP):
Affected version(s) >=1.6 <=2.5
Fix Suggestion:
Update to version no_fix
webup/laravel-blog (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/engine.io-and-browser-sync-6.2.1 <0.1
Fix Suggestion:
Update to version 0.1
hillelcoren/invoice-ninja (PHP):
Affected version(s) >=v2.6.7 <v3.2.1
Fix Suggestion:
Update to version v3.2.1
moman12/dashboard_ui (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
sina/shuttle (PHP):
Affected version(s) =dev-master <dev-tmindiashvili1-patch-1
Fix Suggestion:
Update to version dev-tmindiashvili1-patch-1
odaiatef/crudbooster (PHP):
Affected version(s) =v5.5.x-dev <v5.5.1
Fix Suggestion:
Update to version v5.5.1
zhenxxin/dcat-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
barrelstrength/sprout-base-fields (PHP):
Affected version(s) =1.0.5 <v1.0.5
Fix Suggestion:
Update to version v1.0.5
rekamy/generator (PHP):
Affected version(s) =dev-master <dev-stable
Fix Suggestion:
Update to version dev-stable
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.5 <v3.0.5
Fix Suggestion:
Update to version v3.0.5
nowyouwerkn/wecommerce (PHP):
Affected version(s) =dev-tech <1.5
Fix Suggestion:
Update to version 1.5
barrelstrength/sprout-notes (PHP):
Affected version(s) =dev-develop <v1.0.0
Fix Suggestion:
Update to version v1.0.0
liuyi/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
disatapp/light-blog (PHP):
Affected version(s) >=dev-master <=v0.9.5
Fix Suggestion:
Update to version no_fix
westsoft/acl (PHP):
Affected version(s) =dev-dependabot/composer/symfony/http-foundation-4.4.18
Fix Suggestion:
Update to version no_fix
moonshine/quill (PHP):
Affected version(s) >=dev-master <=3.0.1
Fix Suggestion:
Update to version no_fix
tuliacms/cms (PHP):
Affected version(s) >=dev-modules-managing <=0.0.1-alpha.3
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base (PHP):
Affected version(s) =1.0.9 <v1.0.9
Fix Suggestion:
Update to version v1.0.9
masihfathi/yii2-drag-drop-forms (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
rainbowl/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
barrelstrength/sprout-base-fields (PHP):
Affected version(s) =1.0.0 <v1.0.0
Fix Suggestion:
Update to version v1.0.0
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.0 <v3.0.0
Fix Suggestion:
Update to version v3.0.0
jd-dotlogics/laravel-admin (PHP):
Affected version(s) =2.0.8 <2.0.9
Fix Suggestion:
Update to version 2.0.9
silverstripers/silverstripe-postmarked (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-notes (PHP):
Affected version(s) =2.2.1 <v2.2.1
Fix Suggestion:
Update to version v2.2.1
capile/tecnodesign (PHP):
Affected version(s) >=2.2.23 <2.3.28
Fix Suggestion:
Update to version 2.3.28
webreinvent/vaahcms (PHP):
Affected version(s) >=dev-hotfix/permission-slugs <dev-master
Fix Suggestion:
Update to version dev-master
guysolamour/laravel-administrable (PHP):
Affected version(s) >=v3.0 <v5.0.0
Fix Suggestion:
Update to version v5.0.0
edguy/admin_panel (PHP):
Affected version(s) =1.1
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base-fields (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/y18n-4.0.1
Fix Suggestion:
Update to version no_fix
webreinvent/vaahcms (PHP):
Affected version(s) =dev-release/releasing-localization-demo-v2 <2.0.1
Fix Suggestion:
Update to version 2.0.1
barrelstrength/sprout-base (PHP):
Affected version(s) >=v3.x-dev <v3.0.1
Fix Suggestion:
Update to version v3.0.1
shanjing/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
barrelstrength/sprout-base (PHP):
Affected version(s) =1.0.7 <dev-dependabot/npm_and_yarn/path-parse-1.0.7
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/path-parse-1.0.7
barrelstrength/sprout-base (PHP):
Affected version(s) =4.0.4 <v4.0.4
Fix Suggestion:
Update to version v4.0.4
barrelstrength/sprout-base (PHP):
Affected version(s) =4.0.0 <v4.0.0
Fix Suggestion:
Update to version v4.0.0
revise/prime-cms (PHP):
Affected version(s) >=0.3.7 <=0.3.10
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base-fields (PHP):
Affected version(s) =1.0.2 <v1.0.2
Fix Suggestion:
Update to version v1.0.2
rembon/laravel-crud-generator (PHP):
Affected version(s) >=dev-master <=v1.1
Fix Suggestion:
Update to version no_fix
mirosadoma/amr_components (PHP):
Affected version(s) >=dev-master <=1.7
Fix Suggestion:
Update to version no_fix
webreinvent/vaahcms (PHP):
Affected version(s) >=dev-feature/module-build-urls <dev-feature/modules-page
Fix Suggestion:
Update to version dev-feature/modules-page
barrelstrength/sprout-base (PHP):
Affected version(s) =2.0.2 <v2.0.2
Fix Suggestion:
Update to version v2.0.2
webreinvent/vaahcms (PHP):
Affected version(s) =dev-feature/aside-menu-ui <dev-feature/backend-logo-in-config
Fix Suggestion:
Update to version dev-feature/backend-logo-in-config
salvatori/alma-one (PHP):
Affected version(s) >=4.0.33 <5.0.5
Fix Suggestion:
Update to version 5.0.5
houdunwang/hdcms (PHP):
Affected version(s) =v1.0.10 <dev-dependabot/npm_and_yarn/Modules/Article/eventsource-1.1.1
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/Modules/Article/eventsource-1.1.1
didrive/cms (PHP):
Affected version(s) =dev-master <dev-stable
Fix Suggestion:
Update to version dev-stable
hillelcoren/invoice-ninja (PHP):
Affected version(s) >=v2.4.6 <v2.6.6
Fix Suggestion:
Update to version v2.6.6
capile/tecnodesign (PHP):
Affected version(s) >=v2.2.x-dev <2.2.2
Fix Suggestion:
Update to version 2.2.2
hillelcoren/invoice-ninja (PHP):
Affected version(s) >=v4.4.2 <v4.5.7
Fix Suggestion:
Update to version v4.5.7
adkats/bfacp (PHP):
Affected version(s) =dev-master <dev-depfu-update-npm-axios-0.21.1
Fix Suggestion:
Update to version dev-depfu-update-npm-axios-0.21.1
os2display/template-extension-bundle (PHP):
Affected version(s) >=dev-master <=2.1.0
Fix Suggestion:
Update to version no_fix
chrisbraybrooke/laravel-ecommerce (PHP):
Affected version(s) >=v0.0.17 <0.0.56
Fix Suggestion:
Update to version 0.0.56
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.7 <v3.0.7
Fix Suggestion:
Update to version v3.0.7
chrisbraybrooke/laravel-ecommerce (PHP):
Affected version(s) =0.0.1 <0.0.2
Fix Suggestion:
Update to version 0.0.2
didrive/base (PHP):
Affected version(s) >=1.6.0 <2.10.0
Fix Suggestion:
Update to version 2.10.0
jxlwqq/quill (PHP):
Affected version(s) >=dev-master <1.0.3
Fix Suggestion:
Update to version 1.0.3
maurolacerda-tech/ml-framework (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
webreinvent/vaahcms (PHP):
Affected version(s) =dev-feature/theme-management <dev-feature/themes-page
Fix Suggestion:
Update to version dev-feature/themes-page
yousry943/easyadmin (PHP):
Affected version(s) =dev-dependabot/composer/guzzlehttp/guzzle-6.5.7 <dev-dependabot/composer/guzzlehttp/guzzle-6.5.8
Fix Suggestion:
Update to version dev-dependabot/composer/guzzlehttp/guzzle-6.5.8
heripermana88/l9vuexy (PHP):
Affected version(s) >=dev-master <=v1.1.2
Fix Suggestion:
Update to version no_fix
guysolamour/laravel-administrable (PHP):
Affected version(s) =v5.1.7 <v5.1.8
Fix Suggestion:
Update to version v5.1.8
elefant/cms (PHP):
Affected version(s) =dev-quill <dev-rector-first-run
Fix Suggestion:
Update to version dev-rector-first-run
tarantella110/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
hhniao/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
guysolamour/laravel-administrable (PHP):
Affected version(s) =v5.1.9 <v5.2.0
Fix Suggestion:
Update to version v5.2.0
persist/coreui (PHP):
Affected version(s) >=dev-eventbrite <=dev-master
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base-fields (PHP):
Affected version(s) >=1.0.7 <v1.1.0
Fix Suggestion:
Update to version v1.1.0
jviatge/satadmin (PHP):
Affected version(s) >=v1.1.4 <=v1.1.5
Fix Suggestion:
Update to version no_fix
klezbucket/laravelito (PHP):
Affected version(s) >=dev-master <=1.1.12
Fix Suggestion:
Update to version no_fix
guysolamour/laravel-administrable (PHP):
Affected version(s) >=v5.1.1 <v5.1.5
Fix Suggestion:
Update to version v5.1.5
ngorei/framework (PHP):
Affected version(s) >=dev-develop <v2.0.4
Fix Suggestion:
Update to version v2.0.4
webreinvent/vaahcms (PHP):
Affected version(s) =dev-release/alertify-css-issue <dev-release/backend-job-batching
Fix Suggestion:
Update to version dev-release/backend-job-batching
barrelstrength/sprout-base (PHP):
Affected version(s) =2.0.10 <v2.0.10
Fix Suggestion:
Update to version v2.0.10
zrkb/nexus (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/copy-props-2.0.5 <dev-dependabot/npm_and_yarn/moment-2.29.2
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/moment-2.29.2
rekamy/generator (PHP):
Affected version(s) >=v2.0.8 <v5.0.0
Fix Suggestion:
Update to version v5.0.0
barrelstrength/sprout-base (PHP):
Affected version(s) >=v2.x-dev <v2.0.1
Fix Suggestion:
Update to version v2.0.1
mnabialek/laravel-eloquent-filter (PHP):
Affected version(s) =dev-dependabot/composer/guzzlehttp/psr7-1.8.5 <dev-dependabot/composer/guzzlehttp/guzzle-7.4.3
Fix Suggestion:
Update to version dev-dependabot/composer/guzzlehttp/guzzle-7.4.3
philiplb/crudlex (PHP):
Affected version(s) >=0.11.0 <0.13.0
Fix Suggestion:
Update to version 0.13.0
jd-dotlogics/laravel-admin (PHP):
Affected version(s) =2.0.25 <2.0.26
Fix Suggestion:
Update to version 2.0.26
jviatge/satadmin (PHP):
Affected version(s) =dev-master <v1.0.0
Fix Suggestion:
Update to version v1.0.0
barrelstrength/sprout-base (PHP):
Affected version(s) =1.0.5 <v1.0.5
Fix Suggestion:
Update to version v1.0.5
capile/tecnodesign (PHP):
Affected version(s) =dev-dev-schema-model <dev-feature/editor-counter
Fix Suggestion:
Update to version dev-feature/editor-counter
nuradev/nura24 (PHP):
Affected version(s) >=dev-add-code-of-conduct-1 <dev-dependabot/npm_and_yarn/ini-1.3.8
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/ini-1.3.8
sledov/flarum-ext-quill (PHP):
Affected version(s) =dev-master <0.1.0-beta.1
Fix Suggestion:
Update to version 0.1.0-beta.1
webreinvent/vaahcms (PHP):
Affected version(s) =dev-feature/release-test <dev-feature/resolve-some-issue
Fix Suggestion:
Update to version dev-feature/resolve-some-issue
barrelstrength/sprout-base (PHP):
Affected version(s) =2.0.6 <v2.0.6
Fix Suggestion:
Update to version v2.0.6
tahamazaheri/ticket (PHP):
Affected version(s) >=dev-main <=v1.0.2
Fix Suggestion:
Update to version no_fix
mieproject/ui-dashboard (PHP):
Affected version(s) >=dev-master <=v1.1.2
Fix Suggestion:
Update to version no_fix
philiplb/crudlex (PHP):
Affected version(s) =dev-master <0.9
Fix Suggestion:
Update to version 0.9
umkdev/umkkit (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base (PHP):
Affected version(s) >=dev-feature/global-metadata-refactor <dev-feature/purge-elements
Fix Suggestion:
Update to version dev-feature/purge-elements
guysolamour/laravel-administrable (PHP):
Affected version(s) =v5.0.3 <v5.0.4
Fix Suggestion:
Update to version v5.0.4
ngorei/framework (PHP):
Affected version(s) =v4.0.1
Fix Suggestion:
Update to version no_fix
opoink/framework (PHP):
Affected version(s) =dev-sub-opoink <v1.0.1
Fix Suggestion:
Update to version v1.0.1
hillelcoren/invoice-ninja (PHP):
Affected version(s) =v3.3.0 <v3.3.1
Fix Suggestion:
Update to version v3.3.1
hillelcoren/invoice-ninja (PHP):
Affected version(s) =v5.1.72 <v5.1.73
Fix Suggestion:
Update to version v5.1.73
hillelcoren/invoice-ninja (PHP):
Affected version(s) >=v3.3.3 <v4.4.1
Fix Suggestion:
Update to version v4.4.1
edguy/admin_panel (PHP):
Affected version(s) =dev-master <1.0
Fix Suggestion:
Update to version 1.0
statikbe/laravel-sir-trevor (PHP):
Affected version(s) >=dev-develop <=1.1.1
Fix Suggestion:
Update to version no_fix
hillelcoren/invoice-ninja (PHP):
Affected version(s) =v5.0.11 <v5.0.12
Fix Suggestion:
Update to version v5.0.12
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.2 <v3.0.2
Fix Suggestion:
Update to version v3.0.2
jd-dotlogics/laravel-admin (PHP):
Affected version(s) >=dev-bugfix/make-controller-issue <2.0.4
Fix Suggestion:
Update to version 2.0.4
jd-dotlogics/laravel-admin (PHP):
Affected version(s) >=2.0.27 <=3.0.1
Fix Suggestion:
Update to version no_fix
dcat/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
miaad/helpsupport (PHP):
Affected version(s) >=v1.1.1 <=v1.10.0
Fix Suggestion:
Update to version no_fix
pceuropa/yii2-forms (PHP):
Affected version(s) =dev-master <1.0.0
Fix Suggestion:
Update to version 1.0.0
jd-dotlogics/laravel-admin (PHP):
Affected version(s) >=2.0.14 <2.0.17
Fix Suggestion:
Update to version 2.0.17
mymocms/mymocms (PHP):
Affected version(s) =dev-v5-beta
Fix Suggestion:
Update to version no_fix
demyanenkomaks/yii2-base (PHP):
Affected version(s) >=dev-master <2.0.0
Fix Suggestion:
Update to version 2.0.0
guysolamour/laravel-administrable (PHP):
Affected version(s) >=v5.5.1 <v5.5.3
Fix Suggestion:
Update to version v5.5.3
panel (PYTHON):
Affected version(s) >=0.13.0 <0.14.4
Fix Suggestion:
Update to version 0.14.4
panel (PYTHON):
Affected version(s) >=1.2.1 <1.2.3
Fix Suggestion:
Update to version 1.2.3
panel (PYTHON):
Affected version(s) >=1.0.2 <1.2.0
Fix Suggestion:
Update to version 1.2.0
Related Resources (2)
https://github.com/quilljs/quill/pull/2674
https://github.com/pusher/quill/commit/b750c9ccc511cc08a1cf748dfb5e826a509fa612
Do you need more information?
Contact Us
CVSS v4
Base Score:
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
PASSIVE
Vulnerable System Confidentiality
HIGH
Vulnerable System Integrity
NONE
Vulnerable System Availability
NONE
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE