CVE-2017-6217: Reflected XSS vulnerability

July 10, 2019 (updated July 11, 2019)

Attacker can construct a special url and send it to a victim, when the victim click the url, the code which is contained in the url will be executed on the victim’s browser side.

References

github.com/paypal/adaptivepayments-sdk-php/issues/87
nvd.nist.gov/vuln/detail/CVE-2017-6217

Detect and mitigate CVE-2017-6217 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →