CVE-2017-6929: Cross-site Scripting

March 1, 2018 (updated March 21, 2018)

A jQuery cross site scripting vulnerability is present when making Ajax requests to untrusted domains. This vulnerability is mitigated by the fact that it requires contributed or custom modules in order to exploit.

References

www.drupal.org/SA-CORE-2018-001

Code Behaviors & Features

Detect and mitigate CVE-2017-6929 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →