CVE-2020-15263: Cross-site Scripting

October 19, 2020 (updated October 22, 2020)

In Orchid Platform, inline attributes are not properly escaped. If the data that came from users was not escaped, then an XSS vulnerability is possible. The issue was introduced and fixed

References

nvd.nist.gov/vuln/detail/CVE-2020-15263

Detect and mitigate CVE-2020-15263 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →