I have this method in the controller:
$ep = new Enterprise;
$d = new Chat;
$dataDao = new Data2;
$model = new Data;
$empresa = $ep->getEnterprise();
$tmp_talent = new Talent();
$nm = $d->all($request->session()->get('user')->email);
$data = [
0 => $empresa,
'vacantes' => $tmp_talent->getOpenJobsXTalent($request->session()->get('user')->email),
"messages" => $nm,
"userId"=> $dataDao->getMyUserId(),
"categories"=>$model->getCategories(),
//"subcategories"=>$model->getSubCategories()
];
return view('chat.dash')->with('data',$data);
And this is their corresponding resource file:
<script>
var allMessages = {!! json_encode($data['messages']) !!};
My question is if this can represent a vulnerability than an attacker could use to make damage on my site or to my end users?
2
Answers
You’re displaying unescaped data
Which shouldn’t be used for displaying users entries
You are using json here so you want to use
@json()
Or
Laravel docs
Those data could be a vulnerability if they are confidential and you also have an XSS vulnerability which allows an attacker to get them.