GMS-2016-52: XSS in primary functions

July 25, 2016

Primary functions of emojione do not properly sanitize input and are thus vulnerable to cross site scripting (XSS). If you application passes user supplied input to these functions, it may be vulnerable to this attack.

References

github.com/Ranks/emojione/commit/613079b16c00e47fb3c44744a67ed88a9295afb1
github.com/Ranks/emojione/issues/61

Code Behaviors & Features

Detect and mitigate GMS-2016-52 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →