Return to CVE list

CVE-2025-26159

6.1
Medium

CVE-2025-26159

cve@mitre.org
Awaiting Analysis
View on MITREFind on GitHub

Description

Laravel Starter 11.11.0 is vulnerable to Cross Site Scripting (XSS) in the tags feature. Any user with the ability of create or modify tags can inject malicious JavaScript code in the name field.

Exploits

No known exploits found for this CVE.

Search Exploit-DB

References

cve@mitre.org
https://github.com/nasirkhan/laravel-starter
cve@mitre.org
https://godbadtry.github.io/posts/CVE-2025-26159/