A significant vulnerability has been identified in the Laravel framework, specifically affecting versions between 11.9.0 and 11.35.1.
The issue revolves around improper encoding of request parameters on the error page when the application is running in debug mode, leading to reflected cross-site scripting (XSS).
https://gbhackers.com/laravel-framework-flaw/