GMS-2022-1449: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

May 25, 2022

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) in neos/neos.

References

discuss.neos.io/t/neos-bugfix-releases-5-3-10-7-0-9-7-1-7-7-2-6-7-3-4-8-0-2/5930?u=kdambekalns
github.com/advisories/GHSA-jfxf-4frr-9j3q
github.com/neos/neos-development-collection/security/advisories/GHSA-jfxf-4frr-9j3q
www.neos.io/blog/xss-in-various-backend-modules.html

Code Behaviors & Features

Detect and mitigate GMS-2022-1449 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →