GMS-2020-763: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

September 4, 2020 (updated February 26, 2022)

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) in react.

References

danlec.com/blog/xss-via-a-spoofed-react-element
github.com/advisories/GHSA-hg79-j56m-fxgv
github.com/facebook/react
snyk.io/vuln/npm:react:20150318
www.npmjs.com/advisories/1347

Code Behaviors & Features

Detect and mitigate GMS-2020-763 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →