CVE-2020-1761: Improperly Implemented Security Check for Standard
(updated )
A flaw was found in the OpenShift web console, where the access token is stored in the browser’s local storage. An attacker can use this flaw to get the access token via physical access, or an XSS attack on the victim’s browser.
References
Detect and mitigate CVE-2020-1761 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →