filp whoops Cross-site Scripting vulnerability · CVE-2017-16880 · GitHub Advisory Database · GitHub

filp whoops Cross-site Scripting vulnerability

Moderate severity GitHub Reviewed Published May 17, 2022 to the GitHub Advisory Database • Updated Apr 23, 2024

Package

filp/whoops (Composer)

Affected versions

< 2.1.13

Patched versions

2.1.13

Description

The dump function in Util/TemplateHelper.php in filp whoops before 2.1.13 has a Cross-site Scripting vulnerability.

References

Published by the National Vulnerability Database

Nov 17, 2017

Published to the GitHub Advisory Database May 17, 2022

Reviewed Apr 23, 2024

Last updated Apr 23, 2024