CVE-2015-7580: XSS vulnerability - white list bypass

February 15, 2016 (updated August 8, 2019)

Carefully crafted strings can cause user input to bypass the sanitization in the white list sanitizer which can lead to an XSS attack.

References

groups.google.com/forum/

Detect and mitigate CVE-2015-7580 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →