CVE-2015-7578: Possible XSS vulnerability

February 15, 2016 (updated August 8, 2019)

Certain attributes are not removed from tags when they are sanitized, and these attributes can lead to an XSS attack on target applications.

References

groups.google.com/forum/

Code Behaviors & Features

Detect and mitigate CVE-2015-7578 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →