CVE-2022-31114 in CRUDजानकारी

सारांश

द्वारा MITRE • 03/06/2026

backpack/crud provides Create, Read, Update & Delete (CRUD) functions for Backpack, a collection of Laravel packages that help users build custom administration panels. Versions prior to 5.0.13, 4.1.69, and 4.0.63 are vulnerable to cross-site scripting. An attacker could conduct a targeted phishing campaign, in order to trick users or admins into clicking a malicious link, which under very specific circumstances could give them information or possibly admin access. Versions 5.0.13, 4.1.69, and 4.0.63 patch the issue. As a workaround, manually look inside error views in `resources/views/errors` and output `e($exception->getMessage())` instead of `$exception->getMessage()`.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

जिम्मेदार

GitHub M

आरक्षित करना

18/05/2022

प्रकटीकरण

03/06/2026

संयम

स्वीकृत

प्रविष्टि

VDB-368147

CPE

तैयार

CWE

CWE-79 (पुष्टि की गई)

CVSS

4.3 (VulDB)

EPSS

0.00000

KEV

नहीं

गतिविधियाँ

कम

स्रोत

MITRE	https://www.cve.org/CVERecord?id=CVE-2022-31114
NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-31114
CVE Details	https://www.cvedetails.com/cve/CVE-2022-31114/

◂ पिछला सिंहावलोकन अगला ▸

Want to know what is going to be exploited?

We predict KEV entries!