moonshine-software/moonshine

moonshine-software/moonshine

getmoonshine.app

Releases346

Frequency3 days 10 hours

Last Release 10 months ago

Stars1.1K

Laravel Admin panel and more. Simple for beginners and powerful for experts. Using Blade, Alpine.js and Tailwind CSS.

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-51487 ↗	Aug 19, 2025Tuesday, 19 August 2025, 15:15	4.5 MEDIUM	—
A Stored Cross-Site Scripting (XSS) vulnerability exists in MoonShine version < 3.12.5, allowing to execute arbitrary JavaScript by using "javascript:" payload, instead of the expected HTTPS protocol, in the CutCode Link parameter when creating/updating a new Article.
CVE-2025-51488 ↗	Aug 19, 2025Tuesday, 19 August 2025, 15:15	4.9 MEDIUM	—
A Stored Cross-Site Scripting (XSS) vulnerability exists in MoonShine version < 3.12.4, allowing remote attackers to store and execute arbitrary JavaScript by including a malicious HTML payload in the Name parameter when creating a new Admin.
CVE-2025-51489 ↗	Aug 19, 2025Tuesday, 19 August 2025, 15:15	5.4 MEDIUM	—
A Stored Cross-Site Scripting (XSS) vulnerability exists in MoonShine version < 3.12.5, allowing remote attackers to upload a malicious SVG file when creating/updating an Article and correctly execute arbitrary JavaScript when the file link is opened.
CVE-2025-51510 ↗	Aug 19, 2025Tuesday, 19 August 2025, 15:15	4.9 MEDIUM	—
MoonShine was discovered to contain a SQL injection vulnerability under the Blog -> Categories page when using the moonshine-tree-resource (version < 2.0.2) component.