GMS-2021-50: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

December 1, 2021 (updated April 3, 2023)

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) in ezsystems/ezplatform-richtext.

References

developers.ibexa.co/security-advisories/ibexa-sa-2021-010-xss-in-richtext-custom-tag-attributes
github.com/advisories/GHSA-fxwm-rx68-p5vx
github.com/ezsystems/ezplatform-richtext/security/advisories/GHSA-fxwm-rx68-p5vx

Code Behaviors & Features

Detect and mitigate GMS-2021-50 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →