Short answer
Laravel 5.1 is well protected with SQL injection, CSRF, and XSS by default.
More details
In my opinion, what you should know about:
1- Not only Laravel is responsible for the security of your web application, but also the environment.
- The web server must be configured correctly and securely.
- This is the advantage of SSL (certificate) in your domain.
- Use only SFTP over SSH to transfer files and use SSH only for console connection.
- Use a trusted provider and physically secure server environment.
- Regularly back up files and your database and move data on the side of your provider's server.
- Enter a different username and password for the SSH console, database, or other services.
- To access SSH and access the database, do not use the administrator or root username often, save it for emergency use only, instead create a sub admin / root account and use it instead.
2- First of all, when you develop on your Laravel, you run the risk of doing poor programming that violates Laravel's default security rules.
Conclusion
Therefore, it is suggested not to rely on default security. You need to do your own penetration test when your project is completed so that everything works and defends as planned. And follow some simple safety rules, then you will be perfectly safe.
I suggest you look at this link regarding CSRF and how @ImtiazPabel to comment on the link .
Finally, this link is good for checking:
EDIT
OP asked in the comments:
Is it possible to say that Request :: get ($ data) is completely safe?
Request::get($data) also protected and secure.
Note
I and 3 other guys made a primitive project to measure the level of security of Laravel 5.1 a few months ago, and it successfully passed with any wonderful comments.