CVE-2015-5169: Cross-Site Scripting vulnerability on "Problem Report" screen
(updated )
When Debug mode is turned on, under certain conditions an arbitrary script may be executed in the Problem Report
screen. Also if JSP files are exposed to be accessed directly it’s possible to execute an arbitrary script.
References
Detect and mitigate CVE-2015-5169 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →