Vulnerability DatabaseWS-2019-0211
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
WS-2019-0211
Published:May 14, 2026
Updated:May 14, 2026
quill all versions are vulnerable to Reverse Tabnapping, allowing attackers to access window.opener for the original page when opening links.
Affected Packages
quill (CDN_JS):
Affected version(s) >=0.15.0 <1.3.7
Fix Suggestion:
Update to version 1.3.7
panel (CONDA):
Affected version(s) >=1.2.1 <1.2.3
Fix Suggestion:
Update to version 1.2.3
panel (CONDA):
Affected version(s) >=1.0.2 <1.2.0
Fix Suggestion:
Update to version 1.2.0
panel (CONDA):
Affected version(s) >=0.13.0 <0.14.4
Fix Suggestion:
Update to version 0.14.4
quill (NPM):
Affected version(s) >=0.1.0 <1.3.7
Fix Suggestion:
Update to version 1.3.7
commonweb (NUGET):
Affected version(s) >=2.0.0-alpha037 <2.0.3-alpha005
Fix Suggestion:
Update to version 2.0.3-alpha005
autodomain.modules.core.blazor (NUGET):
Affected version(s) >=4.1.203.3 <4.1.205
Fix Suggestion:
Update to version 4.1.205
commonweb (NUGET):
Affected version(s) >=2.0.0-alpha017 <2.0.0-alpha025
Fix Suggestion:
Update to version 2.0.0-alpha025
pwptemplatecms (NUGET):
Affected version(s) >=0.0.1 <=0.0.2
Fix Suggestion:
Update to version no_fix
commonweb (NUGET):
Affected version(s) >=2.0.0-alpha028 <2.0.0-alpha036
Fix Suggestion:
Update to version 2.0.0-alpha036
jd-dotlogics/laravel-admin (PHP):
Affected version(s) >=2.0.27 <=3.0.1
Fix Suggestion:
Update to version no_fix
hillelcoren/invoice-ninja (PHP):
Affected version(s) >=v2.6.7 <v3.2.1
Fix Suggestion:
Update to version v3.2.1
westsoft/acl (PHP):
Affected version(s) =dev-master <v0.0.8-beta
Fix Suggestion:
Update to version v0.0.8-beta
bakerysoft/laravelbakerysoft (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base (PHP):
Affected version(s) =2.0.5 <v2.0.5
Fix Suggestion:
Update to version v2.0.5
hillelcoren/invoice-ninja (PHP):
Affected version(s) >=v4.4.2 <v4.5.7
Fix Suggestion:
Update to version v4.5.7
rembon/laravel-crud-generator (PHP):
Affected version(s) >=dev-master <=v1.1
Fix Suggestion:
Update to version no_fix
jd-dotlogics/laravel-admin (PHP):
Affected version(s) >=2.0.18 <2.0.20
Fix Suggestion:
Update to version 2.0.20
acacha/events (PHP):
Affected version(s) =dev-master <0.1.0
Fix Suggestion:
Update to version 0.1.0
ozzzzam/flarum-ext-quill-with-image (PHP):
Affected version(s) =0.1.0-beta.2
Fix Suggestion:
Update to version no_fix
ziainnovation/mailbox (PHP):
Affected version(s) =dev-main
Fix Suggestion:
Update to version no_fix
zhenxxin/dcat-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
pceuropa/yii2-forms (PHP):
Affected version(s) =dev-master <1.0.0
Fix Suggestion:
Update to version 1.0.0
barrelstrength/sprout-base (PHP):
Affected version(s) =2.0.6 <v2.0.6
Fix Suggestion:
Update to version v2.0.6
barrelstrength/sprout-base (PHP):
Affected version(s) =2.0.10 <v2.0.10
Fix Suggestion:
Update to version v2.0.10
edguy/admin_panel (PHP):
Affected version(s) =dev-master <1.0
Fix Suggestion:
Update to version 1.0
silverstripers/silverstripe-postmarked (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
jackchow/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
edguy/admin_panel (PHP):
Affected version(s) =1.1
Fix Suggestion:
Update to version no_fix
mrmarchone/kayan (PHP):
Affected version(s) >=dev-main <=1.0.0
Fix Suggestion:
Update to version no_fix
didrive/base (PHP):
Affected version(s) =dev-stable <0.0.1
Fix Suggestion:
Update to version 0.0.1
barrelstrength/sprout-base (PHP):
Affected version(s) >=dev-feature/global-metadata-refactor <dev-feature/purge-elements
Fix Suggestion:
Update to version dev-feature/purge-elements
ngorei/framework (PHP):
Affected version(s) =v4.0.1
Fix Suggestion:
Update to version no_fix
chrisbraybrooke/laravel-ecommerce (PHP):
Affected version(s) =0.0.1 <0.0.2
Fix Suggestion:
Update to version 0.0.2
webreinvent/vaahcms (PHP):
Affected version(s) =dev-feature/theme-management <dev-feature/themes-page
Fix Suggestion:
Update to version dev-feature/themes-page
nowyouwerkn/wecommerce (PHP):
Affected version(s) >=dev-design <dev-main
Fix Suggestion:
Update to version dev-main
nowyouwerkn/wecommerce (PHP):
Affected version(s) >=dev-patches <dev-satellite
Fix Suggestion:
Update to version dev-satellite
barrelstrength/sprout-base-fields (PHP):
Affected version(s) =1.0.0 <v1.0.0
Fix Suggestion:
Update to version v1.0.0
drongotech/applicationinfo (PHP):
Affected version(s) >=v1.0.0 <v1.2.0
Fix Suggestion:
Update to version v1.2.0
webreinvent/vaahcms (PHP):
Affected version(s) =0.2.5 <v0.2.5
Fix Suggestion:
Update to version v0.2.5
barrelstrength/sprout-base (PHP):
Affected version(s) >=v3.x-dev <v3.0.1
Fix Suggestion:
Update to version v3.0.1
sky9th/skycms (PHP):
Affected version(s) >=dev-dev <v2.1
Fix Suggestion:
Update to version v2.1
hillelcoren/invoice-ninja (PHP):
Affected version(s) >=v4.5.13 <v4.5.32
Fix Suggestion:
Update to version v4.5.32
barrelstrength/sprout-base (PHP):
Affected version(s) =1.0.7 <dev-dependabot/npm_and_yarn/path-parse-1.0.7
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/path-parse-1.0.7
moman13/dashboard-setup (PHP):
Affected version(s) =1.0.0
Fix Suggestion:
Update to version no_fix
mymocms/mymocms (PHP):
Affected version(s) =dev-v5-beta
Fix Suggestion:
Update to version no_fix
revise/prime-cms (PHP):
Affected version(s) >=dev-aras <0.1.0
Fix Suggestion:
Update to version 0.1.0
liushoukun/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
barrelstrength/sprout-base (PHP):
Affected version(s) =1.0.6 <v1.0.6
Fix Suggestion:
Update to version v1.0.6
hillelcoren/invoice-ninja (PHP):
Affected version(s) >=v3.3.3 <v4.4.1
Fix Suggestion:
Update to version v4.4.1
disatapp/light-blog (PHP):
Affected version(s) >=dev-master <=v0.9.5
Fix Suggestion:
Update to version no_fix
hhniao/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
guysolamour/laravel-administrable (PHP):
Affected version(s) =v5.1.7 <v5.1.8
Fix Suggestion:
Update to version v5.1.8
opoink/framework (PHP):
Affected version(s) =v1.2.0-beta.1 <v1.2.0
Fix Suggestion:
Update to version v1.2.0
jd-dotlogics/laravel-admin (PHP):
Affected version(s) =2.0.8 <2.0.9
Fix Suggestion:
Update to version 2.0.9
jorry2008/dcat-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
capile/tecnodesign (PHP):
Affected version(s) >=2.2.5 <2.2.7
Fix Suggestion:
Update to version 2.2.7
tarantella110/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
nowyouwerkn/wecommerce (PHP):
Affected version(s) =dev-mars <dev-moon
Fix Suggestion:
Update to version dev-moon
nuradev/nura24 (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/url-parse-1.5.1 <dev-dependabot/npm_and_yarn/url-parse-1.5.3
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/url-parse-1.5.3
barrelstrength/sprout-base (PHP):
Affected version(s) =2.0.4 <v2.0.4
Fix Suggestion:
Update to version v2.0.4
sina/shuttle (PHP):
Affected version(s) =v2.x-dev
Fix Suggestion:
Update to version no_fix
qsnh/meedu (PHP):
Affected version(s) =v1.0 <dev-dependabot/npm_and_yarn/path-parse-1.0.7
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/path-parse-1.0.7
barrelstrength/sprout-base (PHP):
Affected version(s) =1.1.4 <v1.1.4
Fix Suggestion:
Update to version v1.1.4
capile/tecnodesign (PHP):
Affected version(s) =dev-dev-schema-model <dev-feature/editor-counter
Fix Suggestion:
Update to version dev-feature/editor-counter
barrelstrength/sprout-base (PHP):
Affected version(s) =dev-feature/sprout-settings <dev-dependabot/npm_and_yarn/websocket-extensions-0.1.4
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/websocket-extensions-0.1.4
dcat-xk/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
barrelstrength/sprout-base (PHP):
Affected version(s) =4.0.4 <v4.0.4
Fix Suggestion:
Update to version v4.0.4
jybtx/backstaged-management (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
jviatge/satadmin (PHP):
Affected version(s) >=v1.1.4 <=v1.1.5
Fix Suggestion:
Update to version no_fix
globit/laravel-ticket (PHP):
Affected version(s) >=dev-master <=1.0.1
Fix Suggestion:
Update to version no_fix
maxiter/maxiter (PHP):
Affected version(s) >=dev-develop <=dev-feature/0014
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.6 <v3.0.6
Fix Suggestion:
Update to version v3.0.6
didrive/cms (PHP):
Affected version(s) >=0.0.2 <1.0.0
Fix Suggestion:
Update to version 1.0.0
elefant/cms (PHP):
Affected version(s) =dev-quill <dev-rector-first-run
Fix Suggestion:
Update to version dev-rector-first-run
mostafa0alii/dashboard-builder (PHP):
Affected version(s) >=dev-master <=1.0.5
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base (PHP):
Affected version(s) =2.0.3 <v2.0.3
Fix Suggestion:
Update to version v2.0.3
develogs/panel (PHP):
Affected version(s) >=0 <=v1.4
Fix Suggestion:
Update to version no_fix
opoink/framework (PHP):
Affected version(s) >=v1.1.0 <v1.2.0-beta
Fix Suggestion:
Update to version v1.2.0-beta
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.4 <v3.0.4
Fix Suggestion:
Update to version v3.0.4
oburatongoi/productivity (PHP):
Affected version(s) >=0.3.10 <=0.4.45
Fix Suggestion:
Update to version no_fix
visanduma/laravel-formy (PHP):
Affected version(s) >=dev-inertia-ready <=dev-main
Fix Suggestion:
Update to version no_fix
developeroncall/larateme (PHP):
Affected version(s) =dev-master <v1.0
Fix Suggestion:
Update to version v1.0
ngorei/framework (PHP):
Affected version(s) >=dev-develop <v2.0.4
Fix Suggestion:
Update to version v2.0.4
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.10 <v3.0.10
Fix Suggestion:
Update to version v3.0.10
ofilin/yii2-quill (PHP):
Affected version(s) >=dev-master <=0.3.4
Fix Suggestion:
Update to version no_fix
adkats/bfacp (PHP):
Affected version(s) =dev-master <dev-depfu-update-npm-axios-0.21.1
Fix Suggestion:
Update to version dev-depfu-update-npm-axios-0.21.1
webreinvent/vaahcms (PHP):
Affected version(s) =dev-feature/config-fixes <dev-feature/database-export-and-import
Fix Suggestion:
Update to version dev-feature/database-export-and-import
salvatori/svcms (PHP):
Affected version(s) >=dev-master <=v1.0.0-alpha
Fix Suggestion:
Update to version no_fix
erjon/cone (PHP):
Affected version(s) >=dev-main <=1.1
Fix Suggestion:
Update to version no_fix
thans/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
dcat/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
guysolamour/laravel-administrable (PHP):
Affected version(s) >=v5.5.1 <v5.5.3
Fix Suggestion:
Update to version v5.5.3
guysolamour/laravel-administrable (PHP):
Affected version(s) >=dev-dependabot/bundler/docs/nokogiri-1.11.5 <dev-dependabot/bundler/docs/nokogiri-1.13.3
Fix Suggestion:
Update to version dev-dependabot/bundler/docs/nokogiri-1.13.3
dimaslanjaka/universal-framework (PHP):
Affected version(s) =dev-smm-cpanel <dev-snyk-fix-20c856194ba899c370807ce70750adf2
Fix Suggestion:
Update to version dev-snyk-fix-20c856194ba899c370807ce70750adf2
webup/laravel-blog (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/decode-uri-component-0.2.2 <0.3
Fix Suggestion:
Update to version 0.3
barrelstrength/sprout-base (PHP):
Affected version(s) =4.0.2 <v4.0.2
Fix Suggestion:
Update to version v4.0.2
jd-dotlogics/laravel-admin (PHP):
Affected version(s) =2.0.10 <2.0.11
Fix Suggestion:
Update to version 2.0.11
guysolamour/laravel-administrable (PHP):
Affected version(s) >=v5.1.1 <v5.1.5
Fix Suggestion:
Update to version v5.1.5
ozzzzam/flarum-ext-quill-with-image (PHP):
Affected version(s) =dev-master <0.1.0-beta.1
Fix Suggestion:
Update to version 0.1.0-beta.1
itshayu/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
guysolamour/laravel-administrable (PHP):
Affected version(s) =dev-master <v0.1
Fix Suggestion:
Update to version v0.1
guysolamour/laravel-administrable (PHP):
Affected version(s) >=dev-dependabot/bundler/docs/nokogiri-1.13.6 <v2.0
Fix Suggestion:
Update to version v2.0
umkdev/umkkit (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base-fields (PHP):
Affected version(s) =1.0.2 <v1.0.2
Fix Suggestion:
Update to version v1.0.2
yourock/quill (PHP):
Affected version(s) >=dev-master <=v1.0.1
Fix Suggestion:
Update to version no_fix
demyanenkomaks/yii2-base (PHP):
Affected version(s) >=dev-master <2.0.0
Fix Suggestion:
Update to version 2.0.0
webreinvent/vaahcms (PHP):
Affected version(s) =dev-feature/admin-middleware-fixes <dev-feature/advanced-jobs-setion
Fix Suggestion:
Update to version dev-feature/advanced-jobs-setion
liuyi/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
rainbowl/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
barrelstrength/sprout-base (PHP):
Affected version(s) =4.0.5 <v4.0.5
Fix Suggestion:
Update to version v4.0.5
lee-to/moonshine (PHP):
Affected version(s) >=1.51.0 <2.x-dev
Fix Suggestion:
Update to version 2.x-dev
barrelstrength/sprout-base (PHP):
Affected version(s) =4.0.1 <v4.0.1
Fix Suggestion:
Update to version v4.0.1
barrelstrength/sprout-base (PHP):
Affected version(s) =4.0.0 <v4.0.0
Fix Suggestion:
Update to version v4.0.0
salvatori/alma-one (PHP):
Affected version(s) >=4.0.33 <5.0.5
Fix Suggestion:
Update to version 5.0.5
xzprod/quill-widget (PHP):
Affected version(s) >=dev-master <=1.0
Fix Suggestion:
Update to version no_fix
rekamy/generator (PHP):
Affected version(s) =dev-master <dev-stable
Fix Suggestion:
Update to version dev-stable
webreinvent/vaahcms (PHP):
Affected version(s) >=v0.1.4 <v0.2.4
Fix Suggestion:
Update to version v0.2.4
persist/coreui (PHP):
Affected version(s) >=dev-eventbrite <=dev-master
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base-fields (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/y18n-4.0.1
Fix Suggestion:
Update to version no_fix
capile/tecnodesign (PHP):
Affected version(s) >=v2.2.x-dev <2.2.2
Fix Suggestion:
Update to version 2.2.2
capile/tecnodesign (PHP):
Affected version(s) >=2.3.34 <2.3.80
Fix Suggestion:
Update to version 2.3.80
barrelstrength/sprout-base (PHP):
Affected version(s) =1.1.6 <v1.1.6
Fix Suggestion:
Update to version v1.1.6
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.3 <v3.0.3
Fix Suggestion:
Update to version v3.0.3
sledov/flarum-ext-quill (PHP):
Affected version(s) =0.1.0-beta.2
Fix Suggestion:
Update to version no_fix
jawad-topdot/laravel-admin (PHP):
Affected version(s) >=dev-master <1.0.10
Fix Suggestion:
Update to version 1.0.10
barrelstrength/sprout-notes (PHP):
Affected version(s) =dev-develop <v1.0.0
Fix Suggestion:
Update to version v1.0.0
webreinvent/vaahcms (PHP):
Affected version(s) =dev-feature/aside-menu-ui <dev-feature/backend-logo-in-config
Fix Suggestion:
Update to version dev-feature/backend-logo-in-config
moman12/dashboard_ui (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
houdunwang/hdcms (PHP):
Affected version(s) =v1.0.10 <dev-dependabot/npm_and_yarn/Modules/Article/eventsource-1.1.1
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/Modules/Article/eventsource-1.1.1
rekamy/generator (PHP):
Affected version(s) >=v2.0.0 <v2.0.7
Fix Suggestion:
Update to version v2.0.7
juzaweb/laravel-cms (PHP):
Affected version(s) =dev-v5-beta <dev-feature/laravel-9-support
Fix Suggestion:
Update to version dev-feature/laravel-9-support
guysolamour/laravel-administrable (PHP):
Affected version(s) =v5.1.9 <v5.2.0
Fix Suggestion:
Update to version v5.2.0
klezbucket/laravelito (PHP):
Affected version(s) >=dev-master <=1.1.12
Fix Suggestion:
Update to version no_fix
rdp77/veyaz (PHP):
Affected version(s) =v2.x-dev
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base (PHP):
Affected version(s) =4.0.3 <v4.0.3
Fix Suggestion:
Update to version v4.0.3
tuliacms/cms (PHP):
Affected version(s) >=dev-modules-managing <=0.0.1-alpha.3
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base-fields (PHP):
Affected version(s) =1.0.4 <v1.0.4
Fix Suggestion:
Update to version v1.0.4
jd-dotlogics/laravel-admin (PHP):
Affected version(s) >=dev-bugfix/make-controller-issue <2.0.4
Fix Suggestion:
Update to version 2.0.4
barrelstrength/sprout-base-fields (PHP):
Affected version(s) >=v1.x-dev <v1.0.1
Fix Suggestion:
Update to version v1.0.1
mikebywater/kafka-author (PHP):
Affected version(s) >=0.3 <=0.6
Fix Suggestion:
Update to version no_fix
default64bit/ratech-admin (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
webreinvent/vaahcms (PHP):
Affected version(s) >=dev-feature/vikram-study <dev-hotfix/installation-issue-settings.json-removed
Fix Suggestion:
Update to version dev-hotfix/installation-issue-settings.json-removed
redwine/redwine (PHP):
Affected version(s) =dev-master <dev-new-version
Fix Suggestion:
Update to version dev-new-version
webreinvent/vaahcms (PHP):
Affected version(s) >=dev-hotfix/permission-slugs <dev-master
Fix Suggestion:
Update to version dev-master
capile/tecnodesign (PHP):
Affected version(s) >=2.2.8 <2.2.21
Fix Suggestion:
Update to version 2.2.21
barrelstrength/sprout-notes (PHP):
Affected version(s) =v2.x-dev <v2.0.1
Fix Suggestion:
Update to version v2.0.1
jawad-topdot/laravel-admin (PHP):
Affected version(s) =1.0.11 <1.0.12
Fix Suggestion:
Update to version 1.0.12
juzaweb/juzacms (PHP):
Affected version(s) =dev-v5-beta <dev-bugfix/220-admin-prefix
Fix Suggestion:
Update to version dev-bugfix/220-admin-prefix
barrelstrength/sprout-base-fields (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/is-svg-and-postcss-svgo--removed <dev-dependabot/npm_and_yarn/json-schema-and-jsprim-0.4.0
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/json-schema-and-jsprim-0.4.0
moonshine/moonshine (PHP):
Affected version(s) >=1.51.0 <1.52.0
Fix Suggestion:
Update to version 1.52.0
barrelstrength/sprout-base (PHP):
Affected version(s) >=v1.x-dev <v1.0.2
Fix Suggestion:
Update to version v1.0.2
barrelstrength/sprout-base (PHP):
Affected version(s) =1.0.9 <v1.0.9
Fix Suggestion:
Update to version v1.0.9
barrelstrength/sprout-base-fields (PHP):
Affected version(s) >=1.0.7 <v1.1.0
Fix Suggestion:
Update to version v1.1.0
revise/prime-cms (PHP):
Affected version(s) =0.3.5 <0.3.6
Fix Suggestion:
Update to version 0.3.6
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.0 <v3.0.0
Fix Suggestion:
Update to version v3.0.0
hillelcoren/invoice-ninja (PHP):
Affected version(s) =v3.3.0 <v3.3.1
Fix Suggestion:
Update to version v3.3.1
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.5 <v3.0.5
Fix Suggestion:
Update to version v3.0.5
rekamy/generator (PHP):
Affected version(s) >=v2.0.8 <v5.0.0
Fix Suggestion:
Update to version v5.0.0
webreinvent/vaahcms (PHP):
Affected version(s) =dev-release/alertify-css-issue <dev-release/backend-job-batching
Fix Suggestion:
Update to version dev-release/backend-job-batching
jd-dotlogics/laravel-admin (PHP):
Affected version(s) >=2.0.21 <2.0.23
Fix Suggestion:
Update to version 2.0.23
webreinvent/vaahcms (PHP):
Affected version(s) >=dev-release/modules-and-themes-installation-fixes <dev-release/vaahcms-setup
Fix Suggestion:
Update to version dev-release/vaahcms-setup
barrelstrength/sprout-base (PHP):
Affected version(s) =2.0.8 <v2.0.8
Fix Suggestion:
Update to version v2.0.8
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.8 <v3.0.8
Fix Suggestion:
Update to version v3.0.8
webcosmonauts/alder (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
oburatongoi/productivity (PHP):
Affected version(s) =dev-master <0.0.1
Fix Suggestion:
Update to version 0.0.1
jviatge/satadmin (PHP):
Affected version(s) =dev-master <v1.0.0
Fix Suggestion:
Update to version v1.0.0
yousry943/easyadmin (PHP):
Affected version(s) =dev-dependabot/composer/guzzlehttp/guzzle-6.5.7 <dev-dependabot/composer/guzzlehttp/guzzle-6.5.8
Fix Suggestion:
Update to version dev-dependabot/composer/guzzlehttp/guzzle-6.5.8
capile/tecnodesign (PHP):
Affected version(s) >=2.2.23 <2.3.28
Fix Suggestion:
Update to version 2.3.28
chrisbraybrooke/laravel-ecommerce (PHP):
Affected version(s) >=0.0.4 <0.0.17
Fix Suggestion:
Update to version 0.0.17
jackh/yii2-aurora (PHP):
Affected version(s) =dev-master <1.0.0
Fix Suggestion:
Update to version 1.0.0
os2display/template-extension-bundle (PHP):
Affected version(s) >=dev-master <=2.1.0
Fix Suggestion:
Update to version no_fix
warrenkfz/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
barrelstrength/sprout-notes (PHP):
Affected version(s) =2.2.1 <v2.2.1
Fix Suggestion:
Update to version v2.2.1
mieproject/ui-dashboard (PHP):
Affected version(s) >=dev-master <=v1.1.2
Fix Suggestion:
Update to version no_fix
mikebywater/kafka-author (PHP):
Affected version(s) =dev-master <0.1
Fix Suggestion:
Update to version 0.1
hillelcoren/invoice-ninja (PHP):
Affected version(s) =v5.1.72 <v5.1.73
Fix Suggestion:
Update to version v5.1.73
barrelstrength/sprout-base (PHP):
Affected version(s) =1.1.5 <v1.1.5
Fix Suggestion:
Update to version v1.1.5
webreinvent/vaahcms (PHP):
Affected version(s) =dev-feature/release-test <dev-feature/resolve-some-issue
Fix Suggestion:
Update to version dev-feature/resolve-some-issue
baoshi/laravel9-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
mnabialek/laravel-eloquent-filter (PHP):
Affected version(s) =dev-dependabot/composer/guzzlehttp/psr7-1.8.5 <dev-dependabot/composer/guzzlehttp/guzzle-7.4.3
Fix Suggestion:
Update to version dev-dependabot/composer/guzzlehttp/guzzle-7.4.3
webreinvent/vaahcms (PHP):
Affected version(s) =dev-release/releasing-localization-demo-v2 <2.0.1
Fix Suggestion:
Update to version 2.0.1
omerz/heroadm (PHP):
Affected version(s) >=dev-master <=1.0
Fix Suggestion:
Update to version no_fix
westsoftware/acl2 (PHP):
Affected version(s) >=dev-dependabot/composer/symfony/http-kernel-4.4.39 <=dev-dependabot/composer/symfony/http-kernel-4.4.50
Fix Suggestion:
Update to version no_fix
zrkb/nexus (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/engine.io-and-browser-sync-6.2.1 <dev-dependabot/npm_and_yarn/minimist-1.2.6
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/minimist-1.2.6
hillelcoren/invoice-ninja (PHP):
Affected version(s) >=v4.5.33 <v4.5.45
Fix Suggestion:
Update to version v4.5.45
revise/prime-cms (PHP):
Affected version(s) >=0.2.11 <0.3.0
Fix Suggestion:
Update to version 0.3.0
barrelstrength/sprout-base-fields (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/eventsource-1.1.1 <dev-dependabot/npm_and_yarn/minimist-1.2.6
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/minimist-1.2.6
webup/laravel-blog (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/engine.io-and-browser-sync-6.2.1 <0.1
Fix Suggestion:
Update to version 0.1
yousry943/easyadmin (PHP):
Affected version(s) >=dev-master <dev-dependabot/composer/league/flysystem-1.1.4
Fix Suggestion:
Update to version dev-dependabot/composer/league/flysystem-1.1.4
juraev/quill (PHP):
Affected version(s) =dev-master <v0.0.1
Fix Suggestion:
Update to version v0.0.1
webreinvent/vaahcms (PHP):
Affected version(s) >=dev-feature/upgrading-to-laravel-6 <dev-snyk-upgrade-2b3a06ccbfca46e8040f51a35d96da64
Fix Suggestion:
Update to version dev-snyk-upgrade-2b3a06ccbfca46e8040f51a35d96da64
hillelcoren/invoice-ninja (PHP):
Affected version(s) =dev-develop <dev-eway
Fix Suggestion:
Update to version dev-eway
masihfathi/yii2-drag-drop-forms (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base (PHP):
Affected version(s) =1.0.3 <v1.0.3
Fix Suggestion:
Update to version v1.0.3
nowyouwerkn/wecommerce (PHP):
Affected version(s) =dev-tech <1.5
Fix Suggestion:
Update to version 1.5
groupefbo/ezframe (PHP):
Affected version(s) >=dev-main <=1.10.11
Fix Suggestion:
Update to version no_fix
moonshine/quill (PHP):
Affected version(s) >=dev-master <=3.0.1
Fix Suggestion:
Update to version no_fix
jd-dotlogics/laravel-admin (PHP):
Affected version(s) >=2.0.14 <2.0.17
Fix Suggestion:
Update to version 2.0.17
maurolacerda-tech/ml-framework (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
webreinvent/vaahcms (PHP):
Affected version(s) =dev-feature/one-vue-app-per-module <dev-feature/permission-page
Fix Suggestion:
Update to version dev-feature/permission-page
philiplb/crudlex (PHP):
Affected version(s) =dev-master <0.9
Fix Suggestion:
Update to version 0.9
barrelstrength/sprout-notes (PHP):
Affected version(s) =2.2.2 <v2.2.2
Fix Suggestion:
Update to version v2.2.2
hillelcoren/invoice-ninja (PHP):
Affected version(s) >=v2.4.6 <v2.6.6
Fix Suggestion:
Update to version v2.6.6
shanjing/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
barrelstrength/sprout-base (PHP):
Affected version(s) =1.0.5 <v1.0.5
Fix Suggestion:
Update to version v1.0.5
sledov/flarum-ext-quill (PHP):
Affected version(s) =dev-master <0.1.0-beta.1
Fix Suggestion:
Update to version 0.1.0-beta.1
pceuropa/yii2-forms (PHP):
Affected version(s) >=2.0.0 <=3.0.4
Fix Suggestion:
Update to version no_fix
jxlwqq/quill (PHP):
Affected version(s) >=dev-master <1.0.3
Fix Suggestion:
Update to version 1.0.3
wmlc/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
satriotol/fastcrud (PHP):
Affected version(s) >=dev-master <10.x-dev
Fix Suggestion:
Update to version 10.x-dev
chrisbraybrooke/laravel-ecommerce (PHP):
Affected version(s) >=v0.0.17 <0.0.56
Fix Suggestion:
Update to version 0.0.56
zrkb/nexus (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/copy-props-2.0.5 <dev-dependabot/npm_and_yarn/moment-2.29.2
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/moment-2.29.2
hillelcoren/invoice-ninja (PHP):
Affected version(s) =v4.6.0 <dev-v5-stable
Fix Suggestion:
Update to version dev-v5-stable
statikbe/laravel-sir-trevor (PHP):
Affected version(s) >=dev-develop <=1.1.1
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-notes (PHP):
Affected version(s) =2.2.3 <v2.2.3
Fix Suggestion:
Update to version v2.2.3
jawad-topdot/laravel-admin (PHP):
Affected version(s) >=1.0.13 <1.0.21
Fix Suggestion:
Update to version 1.0.21
jd-dotlogics/laravel-admin (PHP):
Affected version(s) =2.0.25 <2.0.26
Fix Suggestion:
Update to version 2.0.26
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.7 <v3.0.7
Fix Suggestion:
Update to version v3.0.7
didrive/base (PHP):
Affected version(s) >=1.6.0 <2.10.0
Fix Suggestion:
Update to version 2.10.0
webreinvent/vaahcms (PHP):
Affected version(s) >=dev-release/installable-setup <dev-release/minor-release-column-indexes
Fix Suggestion:
Update to version dev-release/minor-release-column-indexes
sina/shuttle (PHP):
Affected version(s) =dev-master <dev-tmindiashvili1-patch-1
Fix Suggestion:
Update to version dev-tmindiashvili1-patch-1
hillelcoren/invoice-ninja (PHP):
Affected version(s) =v5.0.11 <v5.0.12
Fix Suggestion:
Update to version v5.0.12
karlito-web/layouts (PHP):
Affected version(s) >=4.0.1 <=5.0.4
Fix Suggestion:
Update to version no_fix
westsoft/acl (PHP):
Affected version(s) =dev-dependabot/composer/symfony/http-foundation-4.4.18
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base (PHP):
Affected version(s) =2.0.7 <v2.0.7
Fix Suggestion:
Update to version v2.0.7
barrelstrength/sprout-base-fields (PHP):
Affected version(s) =1.0.3 <v1.0.3
Fix Suggestion:
Update to version v1.0.3
barrelstrength/sprout-base (PHP):
Affected version(s) =1.1.3 <v1.1.3
Fix Suggestion:
Update to version v1.1.3
nuradev/nura24 (PHP):
Affected version(s) >=dev-add-code-of-conduct-1 <dev-dependabot/npm_and_yarn/ini-1.3.8
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/ini-1.3.8
tahamazaheri/ticket (PHP):
Affected version(s) >=dev-main <=v1.0.2
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base (PHP):
Affected version(s) =3.0.2 <v3.0.2
Fix Suggestion:
Update to version v3.0.2
opoink/framework (PHP):
Affected version(s) =dev-sub-opoink <v1.0.1
Fix Suggestion:
Update to version v1.0.1
barrelstrength/sprout-base-fields (PHP):
Affected version(s) =1.0.6 <v1.0.6
Fix Suggestion:
Update to version v1.0.6
hillelcoren/invoice-ninja (PHP):
Affected version(s) =v5.3.19 <v5.3.20
Fix Suggestion:
Update to version v5.3.20
zrkb/nexus (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/loader-utils-and-resolve-url-loader-1.4.2 <dev-dependabot/npm_and_yarn/url-parse-1.5.7
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/url-parse-1.5.7
webreinvent/vaahcms (PHP):
Affected version(s) >=dev-feature/module-build-urls <dev-feature/modules-page
Fix Suggestion:
Update to version dev-feature/modules-page
nowyouwerkn/wecommerce (PHP):
Affected version(s) >=1.6 <=2.5
Fix Suggestion:
Update to version no_fix
smartysoft/yii2-smartysoft-ample (PHP):
Affected version(s) >=dev-dev <=2.4.4
Fix Suggestion:
Update to version no_fix
madtechservices/theme-madmin (PHP):
Affected version(s) >=dev-imgbot <=v0.0.23
Fix Suggestion:
Update to version no_fix
philiplb/crudlex (PHP):
Affected version(s) >=0.11.0 <0.13.0
Fix Suggestion:
Update to version 0.13.0
guysolamour/laravel-administrable (PHP):
Affected version(s) =v5.0.3 <v5.0.4
Fix Suggestion:
Update to version v5.0.4
chrisbraybrooke/laravel-ecommerce (PHP):
Affected version(s) =dev-dev <dev-form-field-key
Fix Suggestion:
Update to version dev-form-field-key
barrelstrength/sprout-base (PHP):
Affected version(s) >=v2.x-dev <v2.0.1
Fix Suggestion:
Update to version v2.0.1
ekxs/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
hillelcoren/invoice-ninja (PHP):
Affected version(s) =v5.0.28 <v5.0.29
Fix Suggestion:
Update to version v5.0.29
nuradev/nura24 (PHP):
Affected version(s) =dev-dependabot/composer/laravel/framework-8.40.0
Fix Suggestion:
Update to version no_fix
didrive/base (PHP):
Affected version(s) >=2.15.0 <=2.16.0
Fix Suggestion:
Update to version no_fix
webreinvent/vaahcms (PHP):
Affected version(s) =dev-feature/db-based-localization <dev-feature/developing-vaahvue
Fix Suggestion:
Update to version dev-feature/developing-vaahvue
codegaf/crudgenerator (PHP):
Affected version(s) >=dev-develop <dev-master
Fix Suggestion:
Update to version dev-master
moeen1/helpsupport (PHP):
Affected version(s) >=dev-main <=v1.4.0
Fix Suggestion:
Update to version no_fix
andmarruda/sbblog (PHP):
Affected version(s) >=dev-feature-upgrade-laravel <=v1.0.3
Fix Suggestion:
Update to version no_fix
orzcc/laravel-admin (PHP):
Affected version(s) =0.8.0 <0.8.1
Fix Suggestion:
Update to version 0.8.1
obaydmerz/heroadm (PHP):
Affected version(s) >=dev-master <=1.0
Fix Suggestion:
Update to version no_fix
barrelstrength/sprout-base-fields (PHP):
Affected version(s) =1.0.5 <v1.0.5
Fix Suggestion:
Update to version v1.0.5
revise/prime-cms (PHP):
Affected version(s) >=0.3.7 <=0.3.10
Fix Suggestion:
Update to version no_fix
didrive/cms (PHP):
Affected version(s) =dev-master <dev-stable
Fix Suggestion:
Update to version dev-stable
barrelstrength/sprout-base (PHP):
Affected version(s) =2.0.2 <v2.0.2
Fix Suggestion:
Update to version v2.0.2
barrelstrength/sprout-base (PHP):
Affected version(s) =1.1.0 <v1.1.0
Fix Suggestion:
Update to version v1.1.0
jirka-mayer/mycelium (PHP):
Affected version(s) >=dev-master <=v0.2.0
Fix Suggestion:
Update to version no_fix
miaad/helpsupport (PHP):
Affected version(s) >=v1.1.1 <=v1.10.0
Fix Suggestion:
Update to version no_fix
guysolamour/laravel-administrable (PHP):
Affected version(s) >=v3.0 <v5.0.0
Fix Suggestion:
Update to version v5.0.0
panel (PYTHON):
Affected version(s) >=0.13.0 <0.14.4
Fix Suggestion:
Update to version 0.14.4
panel (PYTHON):
Affected version(s) >=1.0.2 <1.2.0
Fix Suggestion:
Update to version 1.2.0
panel (PYTHON):
Affected version(s) >=1.2.1 <1.2.3
Fix Suggestion:
Update to version 1.2.3
Related Resources (2)
https://github.com/quilljs/quill/commit/b2f7b586e1564e43062483eff9fa8111bbc80e32
https://github.com/quilljs/quill/pull/2674
Do you need more information?
Contact Us
CVSS v4
Base Score:
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
PASSIVE
Vulnerable System Confidentiality
LOW
Vulnerable System Integrity
LOW
Vulnerable System Availability
NONE
Subsequent System Confidentiality
LOW
Subsequent System Integrity
LOW
Subsequent System Availability
NONE
CVSS v3
Base Score:
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality
LOW
Integrity
LOW
Availability
NONE