JS Frameworks, Server Side Rendering, and XSS
Today, we patched a potential XSS vector in the default application layout shipped with Laravel. If you are using the default Bootstrap authentication scaffolding, you can patch your
app.blade.php file by adding the “v-pre” directive to the section of code that display the user’s name:
This patch is already included in new applications created using Laravel 5.6.9 and 5.5.37.