AIKIDO-2024-10390

yajra/laravel-datatables-html is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor

69

Medium

yajra/laravel-datatables-html php

AIKIDO-2024-10390: yajra/laravel-datatables-html is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor in versions 4.0.0 - 11.5.0.

Exposure of Sensitive Information to an Unauthorized Actor
Vuln in 4.0.0 - 11.5.0
Fixed in 11.5.1
No CVE available
TL;DR

Affected versions of this package could display unauthorized columns in the HTML builder.

Who does this affect?

You're affected if you are using a version which is within vulnerability ranges.

How can it be fixed?

Upgrade yajra/laravel-datatables-html library to patch version.

Background info

Link to vendor website

Logo
© 2024 Aikido Security BV | BE0792914919
🇪🇺 Grauwpoort 1, 9000 Ghent, Belgium
🇺🇸 95 Third St, 2nd Fl, San Francisco, CA 94103, US