CVE-2019-5422: Cross-site Scripting

April 3, 2019 (updated October 9, 2019)

XSS in buttle causes execution of attacker-provided code in the victim’s browser when an attacker creates an arbitrary file on the server.

References

nvd.nist.gov/vuln/detail/CVE-2019-5422

Detect and mitigate CVE-2019-5422 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →