VYPR

Packagist (Composer) package

almirhodzic/nova-toggle-5

pkg:composer/almirhodzic/nova-toggle-5

Vulnerabilities (1)

  • CVE-2026-42202MedMay 8, 2026
    affected < 1.3.0fixed 1.3.0

    nova-toggle-5 enables fliping booleans in the index. Prior to version 1.3.0, the toggle endpoint (POST/nova-vendor/nova-toggle/toggle/{resource}/{resourceId}) was protected only by web + auth: middleware. Any user authenticated on the configured guard could call the endpoi