Today we released Laravel 7.1.2 to address a possible XSS related attack vector in the Laravel 7.x Blade Component tag attributes when users are allowed to dictate the value of attributes. All Laravel 7.x users are encouraged to upgrade as soon as possible.
We would like to thank community member Anders Fajerson for bringing this to our attention.
Optimized for PHP and beyond, the new Forge comes with instant provisioning via Laravel VPS, zero-downtime deployments, automated SSL, and a modern UI.
James Brooks
The Laravel MCP library enables you to build Model Context Protocols with ease, so your apps can meet users where they are and where they’ll be: AI chats.
Ashley Hindle
All the highlights from Laracon 2025, including Laravel Cloud autoscaling, Forge upgrades, framework changes, and Nightwatch pricing.
Ana Tavares