GMS-2017-119: XSS via Angular Expression

March 15, 2017

ag-grid is vulnerable to Cross-site Scripting (XSS) via Angular Expressions, if AngularJS is used in combination with ag-grid.

References

github.com/ceolter/ag-grid/issues/1287
spring.io/blog/2016/01/28/angularjs-escaping-the-expression-sandbox-for-xss

Code Behaviors & Features

Detect and mitigate GMS-2017-119 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →