OSVDB-125676: Cross-Site Scripting (XSS) in queues page

June 4, 2015

The package sidekiq is vulnerable to XSS via queue name in Sidekiq::Web.

References

github.com/mperham/sidekiq/commit/2178d66b6686fbf4430223c34c184a64c9906828
github.com/mperham/sidekiq/issues/2330

Detect and mitigate OSVDB-125676 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →