CVE-2019-15477: Cross-site Scripting

August 23, 2019 (updated July 18, 2023)

Jooby before has XSS via the default error handler.

References

github.com/jooby-project/jooby/commit/27b4af283de1a2c2a6b0530039b46eef75ddf655
github.com/jooby-project/jooby/pull/1368
nvd.nist.gov/vuln/detail/CVE-2019-15477

Code Behaviors & Features

Detect and mitigate CVE-2019-15477 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →