[MEDIUM] Password reset phishing vulnerability

PKSA-fwj1-r2kg-bmxd CVE-2017-9303 GHSA-rc8x-jrrc-frfv

Affected package: laravel/framework

Affected version: >=5.3.0,<=5.3.31|>=5.4.0,<5.4.22

Reported by:
GitHub, FriendsOfPHP/security-advisories