CVE-2015-3257: Cross-site Scripting
(updated )
Zend/Diactoros/Uri::filterPath in zend-diactoros does not properly sanitize path input, which allows remote attackers to perform cross-site scripting (XSS) or open redirect attacks.
References
Detect and mitigate CVE-2015-3257 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →