CVE-2020-27388: Cross-site Scripting

October 23, 2020 (updated October 28, 2020)

Multiple Stored Cross Site Scripting (XSS) vulnerabilities exist in the YOURLS Admin Panel - An authenticated user must modify a PHP plugin with a malicious payload and upload it, resulting in multiple stored XSS issues.

References

nvd.nist.gov/vuln/detail/CVE-2020-27388

Code Behaviors & Features

Detect and mitigate CVE-2020-27388 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →