CVE-2021-3780: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

September 20, 2021 (updated September 24, 2021)

peertube is vulnerable to Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)

References

github.com/advisories/GHSA-f2c5-997w-7f5c
github.com/chocobozzz/peertube/commit/0ea2f79d45b301fcd660efc894469a99b2239bf6
huntr.dev/bounties/282807a8-4bf5-4fe2-af62-e05f945b3d65
nvd.nist.gov/vuln/detail/CVE-2021-3780

Code Behaviors & Features

Detect and mitigate CVE-2021-3780 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →