GMS-2017-125: XSS Vulnerability

April 11, 2017

Forms did not have proper html escaping. This means that if the application did not sanitize html on behalf of forms, use of forms may be vulnerable to cross site scripting

References

github.com/caolan/forms/commit/bc01e534a0ff863dedb2026a50bd03153bbc6a5d

Code Behaviors & Features

Detect and mitigate GMS-2017-125 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →