CVE-2023-0410: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

January 20, 2023

Cross-site Scripting (XSS) - Generic in GitHub repository builderio/qwik prior to 0.1.0-beta5.

References

github.com/advisories/GHSA-hm7f-rq7q-j9xp
github.com/builderio/qwik/commit/4b2f89dbbd2bc0a2c92eae1a49bdd186e589151a
huntr.dev/bounties/2da583f0-7f66-4ba7-9bed-8e7229aa578e/
nvd.nist.gov/vuln/detail/CVE-2023-0410

Detect and mitigate CVE-2023-0410 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →