Laravel 5.4.22 Is Released

Laravel 5.4.22 Is Released

Hi, did you already know that Laravel has released the latest version of Laravel? New version Laravel 5.4.22 is avalaible.

Now everyone can upgrade to new version from Laravel 5.4.22. In the latest version, Laravel released fixes a security vulnerability related to the password reset system.

Laravel 5.4.22 adds security to the latest series of Laravel 5.4, using the latest security of reset passwords system, so malicious users can’t attempt to trick users can cheat to include credentials on separate application controls.

Before,you can reset the password using the system request to sign in and create a URL after resetting the password. Password reset and URL can be forged. This can happen if the user is not aware that they are in a different app domain and can accidentally insert their credentials into a malicious application.

An important note in its release says to make improvements do the update for users who are still running Laravel 5.1 and should make sure and verify that your application generates the absolute the keyword already contains the full URL. Examples are as follows:

{{ url('http://example.com/password/reset/'.$token) }}

If you using Composer, you can update your Laravel installation using composer update commands if you using Composer.

For more info about this you can read at here