GMS-2015-27: XSS vulnerability

September 9, 2015

By exploiting a Cross-site scripting vulnerability the attacker can hijack a user’s session. This means that the malicious hacker can change the user’s password and invalidate the session of the victim while the hacker maintains access.

References

github.com/DataTables/DataTables/issues/602
github.com/DataTables/DataTablesSrc/commit/ccf86dc5982bd8e16d
www.netsparker.com/cve-2015-6384-xss-vulnerability-identified-in-datatables/

Detect and mitigate GMS-2015-27 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →