CVE-2015-6584: XSS vulnerability

September 11, 2015 (updated October 9, 2018)

By exploiting a Cross-site scripting vulnerability the attacker can hijack a logged in user’s session. This means that the malicious hacker can change the logged in user’s password and invalidate the session of the victim while the hacker maintains access.

References

github.com/DataTables/DataTables/issues/602
github.com/DataTables/DataTablesSrc/commit/ccf86dc5982bd8e16d
www.netsparker.com/cve-2015-6384-xss-vulnerability-identified-in-datatables/

Code Behaviors & Features

Detect and mitigate CVE-2015-6584 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →