[MEDIUM] Password reset phishing vulnerability

PKSA-mthy-14qm-t8rw CVE-2017-9303 GHSA-rc8x-jrrc-frfv

Affected package: illuminate/auth

Affected version: >=5.3.0,<=5.3.31|>=5.4.0,<5.4.22

Reported by:
GitHub, FriendsOfPHP/security-advisories