GMS-2023-1869: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

June 16, 2023 (updated June 20, 2023)

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) in @apollo/server.

References

github.com/advisories/GHSA-68jh-rf6x-836f
github.com/apollographql/apollo-server/commit/0adaf80d1ee51d8c7e5fd863c04478536d15eb8c
github.com/apollographql/apollo-server/security/advisories/GHSA-68jh-rf6x-836f

Code Behaviors & Features

Detect and mitigate GMS-2023-1869 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →