Vulnerability DatabaseWS-2019-0211
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
WS-2019-0211
Published:May 19, 2026
Updated:May 19, 2026
quill all versions are vulnerable to Reverse Tabnapping, allowing attackers to access window.opener for the original page when opening links.
Affected Packages
quill (CDN_JS):
Affected version(s) >=0.15.0 <1.3.7
Fix Suggestion:
Update to version 1.3.7
panel (CONDA):
Affected version(s) >=0.13.0 <0.14.4
Fix Suggestion:
Update to version 0.14.4
panel (CONDA):
Affected version(s) >=1.2.1 <1.2.3
Fix Suggestion:
Update to version 1.2.3
panel (CONDA):
Affected version(s) >=1.0.2 <1.2.0
Fix Suggestion:
Update to version 1.2.0
quill (NPM):
Affected version(s) >=0.1.0 <1.3.7
Fix Suggestion:
Update to version 1.3.7
pwptemplatecms (NUGET):
Affected version(s) >=0.0.1 <=0.0.2
Fix Suggestion:
Update to version no_fix
commonweb (NUGET):
Affected version(s) >=2.0.0-alpha037 <2.0.3-alpha005
Fix Suggestion:
Update to version 2.0.3-alpha005
autodomain.modules.core.blazor (NUGET):
Affected version(s) >=4.1.203.3 <4.1.205
Fix Suggestion:
Update to version 4.1.205
commonweb (NUGET):
Affected version(s) >=2.0.0-alpha028 <2.0.0-alpha036
Fix Suggestion:
Update to version 2.0.0-alpha036
commonweb (NUGET):
Affected version(s) >=2.0.0-alpha017 <2.0.0-alpha025
Fix Suggestion:
Update to version 2.0.0-alpha025
barrelstrength/sprout-base (PHP):
Affected version(s) >=v1.x-dev <v1.0.2
Fix Suggestion:
Update to version v1.0.2
yousry943/easyadmin (PHP):
Affected version(s) =dev-dependabot/composer/guzzlehttp/guzzle-6.5.7 <dev-dependabot/composer/guzzlehttp/guzzle-6.5.8
Fix Suggestion:
Update to version dev-dependabot/composer/guzzlehttp/guzzle-6.5.8
rekamy/generator (PHP):
Affected version(s) >=v2.0.0 <v2.0.7
Fix Suggestion:
Update to version v2.0.7
pceuropa/yii2-forms (PHP):
Affected version(s) >=2.0.0 <=3.0.4
Fix Suggestion:
Update to version no_fix
guysolamour/laravel-administrable (PHP):
Affected version(s) >=v5.5.1 <v5.5.3
Fix Suggestion:
Update to version v5.5.3
satriotol/fastcrud (PHP):
Affected version(s) >=dev-master <10.x-dev
Fix Suggestion:
Update to version 10.x-dev
silverstripers/silverstripe-postmarked (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
maurolacerda-tech/ml-framework (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
webreinvent/vaahcms (PHP):
Affected version(s) >=dev-feature/upgrading-to-laravel-6 <dev-snyk-upgrade-2b3a06ccbfca46e8040f51a35d96da64
Fix Suggestion:
Update to version dev-snyk-upgrade-2b3a06ccbfca46e8040f51a35d96da64
guysolamour/laravel-administrable (PHP):
Affected version(s) >=v3.0 <v5.0.0
Fix Suggestion:
Update to version v5.0.0
miaad/helpsupport (PHP):
Affected version(s) >=v1.1.1 <=v1.10.0
Fix Suggestion:
Update to version no_fix
hillelcoren/invoice-ninja (PHP):
Affected version(s) =dev-develop <dev-eway
Fix Suggestion:
Update to version dev-eway
jawad-topdot/laravel-admin (PHP):
Affected version(s) >=1.0.13 <1.0.21
Fix Suggestion:
Update to version 1.0.21
jackh/yii2-aurora (PHP):
Affected version(s) =dev-master <1.0.0
Fix Suggestion:
Update to version 1.0.0
guysolamour/laravel-administrable (PHP):
Affected version(s) >=dev-dependabot/bundler/docs/nokogiri-1.13.6 <v2.0
Fix Suggestion:
Update to version v2.0
pceuropa/yii2-forms (PHP):
Affected version(s) =dev-master <1.0.0
Fix Suggestion:
Update to version 1.0.0
rdp77/veyaz (PHP):
Affected version(s) =v2.x-dev
Fix Suggestion:
Update to version no_fix
jd-dotlogics/laravel-admin (PHP):
Affected version(s) >=2.0.21 <2.0.23
Fix Suggestion:
Update to version 2.0.23
nowyouwerkn/wecommerce (PHP):
Affected version(s) >=dev-design <dev-main
Fix Suggestion:
Update to version dev-main
tarantella110/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
webreinvent/vaahcms (PHP):
Affected version(s) >=v0.1.4 <v0.2.4
Fix Suggestion:
Update to version v0.2.4
sky9th/skycms (PHP):
Affected version(s) >=dev-dev <v2.1
Fix Suggestion:
Update to version v2.1
barrelstrength/sprout-base-fields (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/is-svg-and-postcss-svgo--removed <dev-dependabot/npm_and_yarn/json-schema-and-jsprim-0.4.0
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/json-schema-and-jsprim-0.4.0
webreinvent/vaahcms (PHP):
Affected version(s) >=dev-hotfix/permission-slugs <dev-master
Fix Suggestion:
Update to version dev-master
rembon/laravel-crud-generator (PHP):
Affected version(s) >=dev-master <=v1.1
Fix Suggestion:
Update to version no_fix
develogs/panel (PHP):
Affected version(s) >=0 <=v1.4
Fix Suggestion:
Update to version no_fix
mrmarchone/kayan (PHP):
Affected version(s) >=dev-main <=1.0.0
Fix Suggestion:
Update to version no_fix
guysolamour/laravel-administrable (PHP):
Affected version(s) >=dev-dependabot/bundler/docs/nokogiri-1.11.5 <dev-dependabot/bundler/docs/nokogiri-1.13.3
Fix Suggestion:
Update to version dev-dependabot/bundler/docs/nokogiri-1.13.3
philiplb/crudlex (PHP):
Affected version(s) =dev-master <0.9
Fix Suggestion:
Update to version 0.9
webreinvent/vaahcms (PHP):
Affected version(s) =dev-feature/release-test <dev-feature/resolve-some-issue
Fix Suggestion:
Update to version dev-feature/resolve-some-issue
juzaweb/juzacms (PHP):
Affected version(s) =dev-v5-beta <dev-bugfix/220-admin-prefix
Fix Suggestion:
Update to version dev-bugfix/220-admin-prefix
opoink/framework (PHP):
Affected version(s) =v1.2.0-beta.1 <v1.2.0
Fix Suggestion:
Update to version v1.2.0
itshayu/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
revise/prime-cms (PHP):
Affected version(s) >=0.2.11 <0.3.0
Fix Suggestion:
Update to version 0.3.0
drongotech/applicationinfo (PHP):
Affected version(s) >=v1.0.0 <v1.2.0
Fix Suggestion:
Update to version v1.2.0
barrelstrength/sprout-base (PHP):
Affected version(s) =2.0.4 <v2.0.4
Fix Suggestion:
Update to version v2.0.4
barrelstrength/sprout-base-fields (PHP):
Affected version(s) =1.0.2 <v1.0.2
Fix Suggestion:
Update to version v1.0.2
webreinvent/vaahcms (PHP):
Affected version(s) >=dev-feature/module-build-urls <dev-feature/modules-page
Fix Suggestion:
Update to version dev-feature/modules-page
os2display/template-extension-bundle (PHP):
Affected version(s) >=dev-master <=2.1.0
Fix Suggestion:
Update to version no_fix
moman12/dashboard_ui (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
globit/laravel-ticket (PHP):
Affected version(s) >=dev-master <=1.0.1
Fix Suggestion:
Update to version no_fix
mikebywater/kafka-author (PHP):
Affected version(s) >=0.3 <=0.6
Fix Suggestion:
Update to version no_fix
ngorei/framework (PHP):
Affected version(s) >=dev-develop <v2.0.4
Fix Suggestion:
Update to version v2.0.4
webcosmonauts/alder (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-notes (PHP):
Affected version(s) =2.2.2 <v2.2.2
Fix Suggestion:
Update to version v2.2.2
chrisbraybrooke/laravel-ecommerce (PHP):
Affected version(s) =0.0.1 <0.0.2
Fix Suggestion:
Update to version 0.0.2
didrive/base (PHP):
Affected version(s) =dev-stable <0.0.1
Fix Suggestion:
Update to version 0.0.1
warrenkfz/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
revise/prime-cms (PHP):
Affected version(s) =0.3.5 <0.3.6
Fix Suggestion:
Update to version 0.3.6
developeroncall/larateme (PHP):
Affected version(s) =dev-master <v1.0
Fix Suggestion:
Update to version v1.0
zrkb/nexus (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/engine.io-and-browser-sync-6.2.1 <dev-dependabot/npm_and_yarn/minimist-1.2.6
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/minimist-1.2.6
barrelstrength/sprout-base (PHP):
Affected version(s) =4.0.2 <v4.0.2
Fix Suggestion:
Update to version v4.0.2
jackchow/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
guysolamour/laravel-administrable (PHP):
Affected version(s) >=v5.1.1 <v5.1.5
Fix Suggestion:
Update to version v5.1.5
barrelstrength/sprout-notes (PHP):
Affected version(s) =2.2.1 <v2.2.1
Fix Suggestion:
Update to version v2.2.1
westsoft/acl (PHP):
Affected version(s) =dev-master <v0.0.8-beta
Fix Suggestion:
Update to version v0.0.8-beta
chrisbraybrooke/laravel-ecommerce (PHP):
Affected version(s) =dev-dev <dev-form-field-key
Fix Suggestion:
Update to version dev-form-field-key
moonshine/quill (PHP):
Affected version(s) >=dev-master <=3.0.1
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base (PHP):
Affected version(s) =2.0.8 <v2.0.8
Fix Suggestion:
Update to version v2.0.8
barrelstrength/sprout-base (PHP):
Affected version(s) =1.1.0 <v1.1.0
Fix Suggestion:
Update to version v1.1.0
acacha/events (PHP):
Affected version(s) =dev-master <0.1.0
Fix Suggestion:
Update to version 0.1.0
barrelstrength/sprout-base (PHP):
Affected version(s) =2.0.6 <v2.0.6
Fix Suggestion:
Update to version v2.0.6
barrelstrength/sprout-base (PHP):
Affected version(s) =4.0.0 <v4.0.0
Fix Suggestion:
Update to version v4.0.0
wmlc/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
rekamy/generator (PHP):
Affected version(s) =dev-master <dev-stable
Fix Suggestion:
Update to version dev-stable
jawad-topdot/laravel-admin (PHP):
Affected version(s) >=dev-master <1.0.10
Fix Suggestion:
Update to version 1.0.10
klezbucket/laravelito (PHP):
Affected version(s) >=dev-master <=1.1.12
Fix Suggestion:
Update to version no_fix
groupefbo/ezframe (PHP):
Affected version(s) >=dev-main <=1.10.11
Fix Suggestion:
Update to version no_fix
revise/prime-cms (PHP):
Affected version(s) >=dev-aras <0.1.0
Fix Suggestion:
Update to version 0.1.0
smartysoft/yii2-smartysoft-ample (PHP):
Affected version(s) >=dev-dev <=2.4.4
Fix Suggestion:
Update to version no_fix
ozzzzam/flarum-ext-quill-with-image (PHP):
Affected version(s) =0.1.0-beta.2
Fix Suggestion:
Update to version no_fix
capile/tecnodesign (PHP):
Affected version(s) >=2.2.5 <2.2.7
Fix Suggestion:
Update to version 2.2.7
didrive/base (PHP):
Affected version(s) >=2.15.0 <=2.16.0
Fix Suggestion:
Update to version no_fix
jirka-mayer/mycelium (PHP):
Affected version(s) >=dev-master <=v0.2.0
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base (PHP):
Affected version(s) =1.1.4 <v1.1.4
Fix Suggestion:
Update to version v1.1.4
jawad-topdot/laravel-admin (PHP):
Affected version(s) =1.0.11 <1.0.12
Fix Suggestion:
Update to version 1.0.12
barrelstrength/sprout-base (PHP):
Affected version(s) =4.0.4 <v4.0.4
Fix Suggestion:
Update to version v4.0.4
adkats/bfacp (PHP):
Affected version(s) =dev-master <dev-depfu-update-npm-axios-0.21.1
Fix Suggestion:
Update to version dev-depfu-update-npm-axios-0.21.1
tahamazaheri/ticket (PHP):
Affected version(s) >=dev-main <=v1.0.2
Fix Suggestion:
Update to version no_fix
persist/coreui (PHP):
Affected version(s) >=dev-eventbrite <=dev-master
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base (PHP):
Affected version(s) =4.0.1 <v4.0.1
Fix Suggestion:
Update to version v4.0.1
oburatongoi/productivity (PHP):
Affected version(s) >=0.3.10 <=0.4.45
Fix Suggestion:
Update to version no_fix
qsnh/meedu (PHP):
Affected version(s) =v1.0 <dev-dependabot/npm_and_yarn/path-parse-1.0.7
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/path-parse-1.0.7
moonshine/moonshine (PHP):
Affected version(s) >=1.51.0 <1.52.0
Fix Suggestion:
Update to version 1.52.0
webreinvent/vaahcms (PHP):
Affected version(s) =dev-feature/admin-middleware-fixes <dev-feature/advanced-jobs-setion
Fix Suggestion:
Update to version dev-feature/advanced-jobs-setion
jd-dotlogics/laravel-admin (PHP):
Affected version(s) =2.0.25 <2.0.26
Fix Suggestion:
Update to version 2.0.26
thans/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
barrelstrength/sprout-base (PHP):
Affected version(s) >=dev-feature/global-metadata-refactor <dev-feature/purge-elements
Fix Suggestion:
Update to version dev-feature/purge-elements
jd-dotlogics/laravel-admin (PHP):
Affected version(s) =2.0.10 <2.0.11
Fix Suggestion:
Update to version 2.0.11
rekamy/generator (PHP):
Affected version(s) >=v2.0.8 <v5.0.0
Fix Suggestion:
Update to version v5.0.0
erjon/cone (PHP):
Affected version(s) >=dev-main <=1.1
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-notes (PHP):
Affected version(s) =dev-develop <v1.0.0
Fix Suggestion:
Update to version v1.0.0
lee-to/moonshine (PHP):
Affected version(s) >=1.51.0 <2.x-dev
Fix Suggestion:
Update to version 2.x-dev
zrkb/nexus (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/copy-props-2.0.5 <dev-dependabot/npm_and_yarn/moment-2.29.2
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/moment-2.29.2
guysolamour/laravel-administrable (PHP):
Affected version(s) =dev-master <v0.1
Fix Suggestion:
Update to version v0.1
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.3 <v3.0.3
Fix Suggestion:
Update to version v3.0.3
yousry943/easyadmin (PHP):
Affected version(s) >=dev-master <dev-dependabot/composer/league/flysystem-1.1.4
Fix Suggestion:
Update to version dev-dependabot/composer/league/flysystem-1.1.4
edguy/admin_panel (PHP):
Affected version(s) =1.1
Fix Suggestion:
Update to version no_fix
masihfathi/yii2-drag-drop-forms (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
mostafa0alii/dashboard-builder (PHP):
Affected version(s) >=dev-master <=1.0.5
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base (PHP):
Affected version(s) =4.0.5 <v4.0.5
Fix Suggestion:
Update to version v4.0.5
barrelstrength/sprout-base (PHP):
Affected version(s) =2.0.10 <v2.0.10
Fix Suggestion:
Update to version v2.0.10
houdunwang/hdcms (PHP):
Affected version(s) =v1.0.10 <dev-dependabot/npm_and_yarn/Modules/Article/eventsource-1.1.1
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/Modules/Article/eventsource-1.1.1
barrelstrength/sprout-base (PHP):
Affected version(s) =2.0.3 <v2.0.3
Fix Suggestion:
Update to version v2.0.3
nowyouwerkn/wecommerce (PHP):
Affected version(s) >=dev-patches <dev-satellite
Fix Suggestion:
Update to version dev-satellite
webreinvent/vaahcms (PHP):
Affected version(s) >=dev-release/modules-and-themes-installation-fixes <dev-release/vaahcms-setup
Fix Suggestion:
Update to version dev-release/vaahcms-setup
karlito-web/layouts (PHP):
Affected version(s) >=4.0.1 <=5.0.4
Fix Suggestion:
Update to version no_fix
nuradev/nura24 (PHP):
Affected version(s) >=dev-add-code-of-conduct-1 <dev-dependabot/npm_and_yarn/ini-1.3.8
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/ini-1.3.8
capile/tecnodesign (PHP):
Affected version(s) >=2.2.8 <2.2.21
Fix Suggestion:
Update to version 2.2.21
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.0 <v3.0.0
Fix Suggestion:
Update to version v3.0.0
ekxs/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
liuyi/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
mnabialek/laravel-eloquent-filter (PHP):
Affected version(s) =dev-dependabot/composer/guzzlehttp/psr7-1.8.5 <dev-dependabot/composer/guzzlehttp/guzzle-7.4.3
Fix Suggestion:
Update to version dev-dependabot/composer/guzzlehttp/guzzle-7.4.3
hillelcoren/invoice-ninja (PHP):
Affected version(s) >=v4.5.13 <v4.5.32
Fix Suggestion:
Update to version v4.5.32
codegaf/crudgenerator (PHP):
Affected version(s) >=dev-develop <dev-master
Fix Suggestion:
Update to version dev-master
statikbe/laravel-sir-trevor (PHP):
Affected version(s) >=dev-develop <=1.1.1
Fix Suggestion:
Update to version no_fix
jviatge/satadmin (PHP):
Affected version(s) >=v1.1.4 <=v1.1.5
Fix Suggestion:
Update to version no_fix
webreinvent/vaahcms (PHP):
Affected version(s) =dev-feature/db-based-localization <dev-feature/developing-vaahvue
Fix Suggestion:
Update to version dev-feature/developing-vaahvue
jxlwqq/quill (PHP):
Affected version(s) >=dev-master <1.0.3
Fix Suggestion:
Update to version 1.0.3
bakerysoft/laravelbakerysoft (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base-fields (PHP):
Affected version(s) =1.0.5 <v1.0.5
Fix Suggestion:
Update to version v1.0.5
sledov/flarum-ext-quill (PHP):
Affected version(s) =0.1.0-beta.2
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.6 <v3.0.6
Fix Suggestion:
Update to version v3.0.6
mieproject/ui-dashboard (PHP):
Affected version(s) >=dev-master <=v1.1.2
Fix Suggestion:
Update to version no_fix
default64bit/ratech-admin (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base (PHP):
Affected version(s) >=v3.x-dev <v3.0.1
Fix Suggestion:
Update to version v3.0.1
guysolamour/laravel-administrable (PHP):
Affected version(s) =v5.0.3 <v5.0.4
Fix Suggestion:
Update to version v5.0.4
revise/prime-cms (PHP):
Affected version(s) >=0.3.7 <=0.3.10
Fix Suggestion:
Update to version no_fix
didrive/cms (PHP):
Affected version(s) =dev-master <dev-stable
Fix Suggestion:
Update to version dev-stable
elefant/cms (PHP):
Affected version(s) =dev-quill <dev-rector-first-run
Fix Suggestion:
Update to version dev-rector-first-run
barrelstrength/sprout-base (PHP):
Affected version(s) =2.0.2 <v2.0.2
Fix Suggestion:
Update to version v2.0.2
jorry2008/dcat-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
barrelstrength/sprout-notes (PHP):
Affected version(s) =v2.x-dev <v2.0.1
Fix Suggestion:
Update to version v2.0.1
webreinvent/vaahcms (PHP):
Affected version(s) >=dev-release/installable-setup <dev-release/minor-release-column-indexes
Fix Suggestion:
Update to version dev-release/minor-release-column-indexes
chrisbraybrooke/laravel-ecommerce (PHP):
Affected version(s) >=v0.0.17 <0.0.56
Fix Suggestion:
Update to version 0.0.56
zhenxxin/dcat-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
ofilin/yii2-quill (PHP):
Affected version(s) >=dev-master <=0.3.4
Fix Suggestion:
Update to version no_fix
edguy/admin_panel (PHP):
Affected version(s) =dev-master <1.0
Fix Suggestion:
Update to version 1.0
umkdev/umkkit (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base (PHP):
Affected version(s) =1.1.6 <v1.1.6
Fix Suggestion:
Update to version v1.1.6
opoink/framework (PHP):
Affected version(s) =dev-sub-opoink <v1.0.1
Fix Suggestion:
Update to version v1.0.1
xzprod/quill-widget (PHP):
Affected version(s) >=dev-master <=1.0
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base (PHP):
Affected version(s) =1.1.3 <v1.1.3
Fix Suggestion:
Update to version v1.1.3
nowyouwerkn/wecommerce (PHP):
Affected version(s) =dev-mars <dev-moon
Fix Suggestion:
Update to version dev-moon
webreinvent/vaahcms (PHP):
Affected version(s) >=dev-feature/vikram-study <dev-hotfix/installation-issue-settings.json-removed
Fix Suggestion:
Update to version dev-hotfix/installation-issue-settings.json-removed
andmarruda/sbblog (PHP):
Affected version(s) >=dev-feature-upgrade-laravel <=v1.0.3
Fix Suggestion:
Update to version no_fix
obaydmerz/heroadm (PHP):
Affected version(s) >=dev-master <=1.0
Fix Suggestion:
Update to version no_fix
rainbowl/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
barrelstrength/sprout-base-fields (PHP):
Affected version(s) >=1.0.7 <v1.1.0
Fix Suggestion:
Update to version v1.1.0
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.2 <v3.0.2
Fix Suggestion:
Update to version v3.0.2
barrelstrength/sprout-base (PHP):
Affected version(s) =2.0.5 <v2.0.5
Fix Suggestion:
Update to version v2.0.5
barrelstrength/sprout-notes (PHP):
Affected version(s) =2.2.3 <v2.2.3
Fix Suggestion:
Update to version v2.2.3
visanduma/laravel-formy (PHP):
Affected version(s) >=dev-inertia-ready <=dev-main
Fix Suggestion:
Update to version no_fix
nuradev/nura24 (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/url-parse-1.5.1 <dev-dependabot/npm_and_yarn/url-parse-1.5.3
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/url-parse-1.5.3
mymocms/mymocms (PHP):
Affected version(s) =dev-v5-beta
Fix Suggestion:
Update to version no_fix
capile/tecnodesign (PHP):
Affected version(s) >=v2.2.x-dev <2.2.2
Fix Suggestion:
Update to version 2.2.2
maxiter/maxiter (PHP):
Affected version(s) >=dev-develop <=dev-feature/0014
Fix Suggestion:
Update to version no_fix
sledov/flarum-ext-quill (PHP):
Affected version(s) =dev-master <0.1.0-beta.1
Fix Suggestion:
Update to version 0.1.0-beta.1
ziainnovation/mailbox (PHP):
Affected version(s) =dev-main
Fix Suggestion:
Update to version no_fix
moeen1/helpsupport (PHP):
Affected version(s) >=dev-main <=v1.4.0
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base (PHP):
Affected version(s) =2.0.7 <v2.0.7
Fix Suggestion:
Update to version v2.0.7
juraev/quill (PHP):
Affected version(s) =dev-master <v0.0.1
Fix Suggestion:
Update to version v0.0.1
guysolamour/laravel-administrable (PHP):
Affected version(s) =v5.1.9 <v5.2.0
Fix Suggestion:
Update to version v5.2.0
barrelstrength/sprout-base (PHP):
Affected version(s) =4.0.3 <v4.0.3
Fix Suggestion:
Update to version v4.0.3
guysolamour/laravel-administrable (PHP):
Affected version(s) =v5.1.7 <v5.1.8
Fix Suggestion:
Update to version v5.1.8
hhniao/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
barrelstrength/sprout-base-fields (PHP):
Affected version(s) =1.0.6 <v1.0.6
Fix Suggestion:
Update to version v1.0.6
nowyouwerkn/wecommerce (PHP):
Affected version(s) =dev-tech <1.5
Fix Suggestion:
Update to version 1.5
webreinvent/vaahcms (PHP):
Affected version(s) =dev-feature/aside-menu-ui <dev-feature/backend-logo-in-config
Fix Suggestion:
Update to version dev-feature/backend-logo-in-config
madtechservices/theme-madmin (PHP):
Affected version(s) >=dev-imgbot <=v0.0.23
Fix Suggestion:
Update to version no_fix
webreinvent/vaahcms (PHP):
Affected version(s) =dev-release/alertify-css-issue <dev-release/backend-job-batching
Fix Suggestion:
Update to version dev-release/backend-job-batching
demyanenkomaks/yii2-base (PHP):
Affected version(s) >=dev-master <2.0.0
Fix Suggestion:
Update to version 2.0.0
jd-dotlogics/laravel-admin (PHP):
Affected version(s) >=dev-bugfix/make-controller-issue <2.0.4
Fix Suggestion:
Update to version 2.0.4
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.5 <v3.0.5
Fix Suggestion:
Update to version v3.0.5
sina/shuttle (PHP):
Affected version(s) =v2.x-dev
Fix Suggestion:
Update to version no_fix
disatapp/light-blog (PHP):
Affected version(s) >=dev-master <=v0.9.5
Fix Suggestion:
Update to version no_fix
webup/laravel-blog (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/decode-uri-component-0.2.2 <0.3
Fix Suggestion:
Update to version 0.3
shanjing/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
dimaslanjaka/universal-framework (PHP):
Affected version(s) =dev-smm-cpanel <dev-snyk-fix-20c856194ba899c370807ce70750adf2
Fix Suggestion:
Update to version dev-snyk-fix-20c856194ba899c370807ce70750adf2
tuliacms/cms (PHP):
Affected version(s) >=dev-modules-managing <=0.0.1-alpha.3
Fix Suggestion:
Update to version no_fix
hillelcoren/invoice-ninja (PHP):
Affected version(s) =v4.6.0 <dev-v5-stable
Fix Suggestion:
Update to version dev-v5-stable
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.4 <v3.0.4
Fix Suggestion:
Update to version v3.0.4
hillelcoren/invoice-ninja (PHP):
Affected version(s) =v5.0.28 <v5.0.29
Fix Suggestion:
Update to version v5.0.29
omerz/heroadm (PHP):
Affected version(s) >=dev-master <=1.0
Fix Suggestion:
Update to version no_fix
jd-dotlogics/laravel-admin (PHP):
Affected version(s) >=2.0.27 <=3.0.1
Fix Suggestion:
Update to version no_fix
hillelcoren/invoice-ninja (PHP):
Affected version(s) =v5.3.19 <v5.3.20
Fix Suggestion:
Update to version v5.3.20
barrelstrength/sprout-base-fields (PHP):
Affected version(s) =1.0.4 <v1.0.4
Fix Suggestion:
Update to version v1.0.4
didrive/base (PHP):
Affected version(s) >=1.6.0 <2.10.0
Fix Suggestion:
Update to version 2.10.0
baoshi/laravel9-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
nuradev/nura24 (PHP):
Affected version(s) =dev-dependabot/composer/laravel/framework-8.40.0
Fix Suggestion:
Update to version no_fix
zrkb/nexus (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/loader-utils-and-resolve-url-loader-1.4.2 <dev-dependabot/npm_and_yarn/url-parse-1.5.7
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/url-parse-1.5.7
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.7 <v3.0.7
Fix Suggestion:
Update to version v3.0.7
barrelstrength/sprout-base-fields (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/eventsource-1.1.1 <dev-dependabot/npm_and_yarn/minimist-1.2.6
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/minimist-1.2.6
hillelcoren/invoice-ninja (PHP):
Affected version(s) >=v2.6.7 <v3.2.1
Fix Suggestion:
Update to version v3.2.1
dcat-xk/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
barrelstrength/sprout-base-fields (PHP):
Affected version(s) =1.0.0 <v1.0.0
Fix Suggestion:
Update to version v1.0.0
ozzzzam/flarum-ext-quill-with-image (PHP):
Affected version(s) =dev-master <0.1.0-beta.1
Fix Suggestion:
Update to version 0.1.0-beta.1
webreinvent/vaahcms (PHP):
Affected version(s) =dev-feature/config-fixes <dev-feature/database-export-and-import
Fix Suggestion:
Update to version dev-feature/database-export-and-import
jybtx/backstaged-management (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base (PHP):
Affected version(s) =1.1.5 <v1.1.5
Fix Suggestion:
Update to version v1.1.5
barrelstrength/sprout-base (PHP):
Affected version(s) =1.0.9 <v1.0.9
Fix Suggestion:
Update to version v1.0.9
redwine/redwine (PHP):
Affected version(s) =dev-master <dev-new-version
Fix Suggestion:
Update to version dev-new-version
hillelcoren/invoice-ninja (PHP):
Affected version(s) >=v4.4.2 <v4.5.7
Fix Suggestion:
Update to version v4.5.7
barrelstrength/sprout-base (PHP):
Affected version(s) =1.0.6 <v1.0.6
Fix Suggestion:
Update to version v1.0.6
jviatge/satadmin (PHP):
Affected version(s) =dev-master <v1.0.0
Fix Suggestion:
Update to version v1.0.0
moman13/dashboard-setup (PHP):
Affected version(s) =1.0.0
Fix Suggestion:
Update to version no_fix
mikebywater/kafka-author (PHP):
Affected version(s) =dev-master <0.1
Fix Suggestion:
Update to version 0.1
hillelcoren/invoice-ninja (PHP):
Affected version(s) >=v3.3.3 <v4.4.1
Fix Suggestion:
Update to version v4.4.1
jd-dotlogics/laravel-admin (PHP):
Affected version(s) >=2.0.14 <2.0.17
Fix Suggestion:
Update to version 2.0.17
didrive/cms (PHP):
Affected version(s) >=0.0.2 <1.0.0
Fix Suggestion:
Update to version 1.0.0
salvatori/svcms (PHP):
Affected version(s) >=dev-master <=v1.0.0-alpha
Fix Suggestion:
Update to version no_fix
hillelcoren/invoice-ninja (PHP):
Affected version(s) =v5.0.11 <v5.0.12
Fix Suggestion:
Update to version v5.0.12
philiplb/crudlex (PHP):
Affected version(s) >=0.11.0 <0.13.0
Fix Suggestion:
Update to version 0.13.0
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.10 <v3.0.10
Fix Suggestion:
Update to version v3.0.10
barrelstrength/sprout-base (PHP):
Affected version(s) =1.0.3 <v1.0.3
Fix Suggestion:
Update to version v1.0.3
juzaweb/laravel-cms (PHP):
Affected version(s) =dev-v5-beta <dev-feature/laravel-9-support
Fix Suggestion:
Update to version dev-feature/laravel-9-support
barrelstrength/sprout-base (PHP):
Affected version(s) >=v2.x-dev <v2.0.1
Fix Suggestion:
Update to version v2.0.1
barrelstrength/sprout-base-fields (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/y18n-4.0.1
Fix Suggestion:
Update to version no_fix
westsoftware/acl2 (PHP):
Affected version(s) >=dev-dependabot/composer/symfony/http-kernel-4.4.39 <=dev-dependabot/composer/symfony/http-kernel-4.4.50
Fix Suggestion:
Update to version no_fix
yourock/quill (PHP):
Affected version(s) >=dev-master <=v1.0.1
Fix Suggestion:
Update to version no_fix
hillelcoren/invoice-ninja (PHP):
Affected version(s) >=v2.4.6 <v2.6.6
Fix Suggestion:
Update to version v2.6.6
salvatori/alma-one (PHP):
Affected version(s) >=4.0.33 <5.0.5
Fix Suggestion:
Update to version 5.0.5
sina/shuttle (PHP):
Affected version(s) =dev-master <dev-tmindiashvili1-patch-1
Fix Suggestion:
Update to version dev-tmindiashvili1-patch-1
oburatongoi/productivity (PHP):
Affected version(s) =dev-master <0.0.1
Fix Suggestion:
Update to version 0.0.1
jd-dotlogics/laravel-admin (PHP):
Affected version(s) =2.0.8 <2.0.9
Fix Suggestion:
Update to version 2.0.9
webreinvent/vaahcms (PHP):
Affected version(s) =dev-release/releasing-localization-demo-v2 <2.0.1
Fix Suggestion:
Update to version 2.0.1
hillelcoren/invoice-ninja (PHP):
Affected version(s) =v3.3.0 <v3.3.1
Fix Suggestion:
Update to version v3.3.1
hillelcoren/invoice-ninja (PHP):
Affected version(s) >=v4.5.33 <v4.5.45
Fix Suggestion:
Update to version v4.5.45
hillelcoren/invoice-ninja (PHP):
Affected version(s) =v5.1.72 <v5.1.73
Fix Suggestion:
Update to version v5.1.73
barrelstrength/sprout-base-fields (PHP):
Affected version(s) >=v1.x-dev <v1.0.1
Fix Suggestion:
Update to version v1.0.1
dcat/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
barrelstrength/sprout-base (PHP):
Affected version(s) =1.0.5 <v1.0.5
Fix Suggestion:
Update to version v1.0.5
capile/tecnodesign (PHP):
Affected version(s) >=2.3.34 <2.3.80
Fix Suggestion:
Update to version 2.3.80
nowyouwerkn/wecommerce (PHP):
Affected version(s) >=1.6 <=2.5
Fix Suggestion:
Update to version no_fix
chrisbraybrooke/laravel-ecommerce (PHP):
Affected version(s) >=0.0.4 <0.0.17
Fix Suggestion:
Update to version 0.0.17
barrelstrength/sprout-base (PHP):
Affected version(s) =dev-feature/sprout-settings <dev-dependabot/npm_and_yarn/websocket-extensions-0.1.4
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/websocket-extensions-0.1.4
opoink/framework (PHP):
Affected version(s) >=v1.1.0 <v1.2.0-beta
Fix Suggestion:
Update to version v1.2.0-beta
barrelstrength/sprout-base (PHP):
Affected version(s) =1.0.7 <dev-dependabot/npm_and_yarn/path-parse-1.0.7
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/path-parse-1.0.7
capile/tecnodesign (PHP):
Affected version(s) >=2.2.23 <2.3.28
Fix Suggestion:
Update to version 2.3.28
webreinvent/vaahcms (PHP):
Affected version(s) =dev-feature/theme-management <dev-feature/themes-page
Fix Suggestion:
Update to version dev-feature/themes-page
webreinvent/vaahcms (PHP):
Affected version(s) =0.2.5 <v0.2.5
Fix Suggestion:
Update to version v0.2.5
capile/tecnodesign (PHP):
Affected version(s) =dev-dev-schema-model <dev-feature/editor-counter
Fix Suggestion:
Update to version dev-feature/editor-counter
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.8 <v3.0.8
Fix Suggestion:
Update to version v3.0.8
ngorei/framework (PHP):
Affected version(s) =v4.0.1
Fix Suggestion:
Update to version no_fix
orzcc/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
webreinvent/vaahcms (PHP):
Affected version(s) =dev-feature/one-vue-app-per-module <dev-feature/permission-page
Fix Suggestion:
Update to version dev-feature/permission-page
liushoukun/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
jd-dotlogics/laravel-admin (PHP):
Affected version(s) >=2.0.18 <2.0.20
Fix Suggestion:
Update to version 2.0.20
webup/laravel-blog (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/engine.io-and-browser-sync-6.2.1 <0.1
Fix Suggestion:
Update to version 0.1
barrelstrength/sprout-base-fields (PHP):
Affected version(s) =1.0.3 <v1.0.3
Fix Suggestion:
Update to version v1.0.3
westsoft/acl (PHP):
Affected version(s) =dev-dependabot/composer/symfony/http-foundation-4.4.18
Fix Suggestion:
Update to version no_fix
panel (PYTHON):
Affected version(s) >=1.2.1 <1.2.3
Fix Suggestion:
Update to version 1.2.3
panel (PYTHON):
Affected version(s) >=0.13.0 <0.14.4
Fix Suggestion:
Update to version 0.14.4
panel (PYTHON):
Affected version(s) >=1.0.2 <1.2.0
Fix Suggestion:
Update to version 1.2.0
Related Resources (2)
https://github.com/quilljs/quill/commit/b2f7b586e1564e43062483eff9fa8111bbc80e32
https://github.com/quilljs/quill/pull/2674
Do you need more information?
Contact Us
CVSS v4
Base Score:
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
PASSIVE
Vulnerable System Confidentiality
LOW
Vulnerable System Integrity
LOW
Vulnerable System Availability
NONE
Subsequent System Confidentiality
LOW
Subsequent System Integrity
LOW
Subsequent System Availability
NONE
CVSS v3
Base Score:
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality
LOW
Integrity
LOW
Availability
NONE