GMS-2020-435: Cross-Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) in polaris-website.
References
- github.com/advisories/GHSA-whrh-9j4q-g7ph
- github.com/polaris-rbx/Polaris-React/commit/b64673d91e83c0737616a0770d8208727730808b
- github.com/polaris-rbx/Polaris-React/security/advisories/GHSA-whrh-9j4q-g7ph
- medium.com/cross-site-request-forgery-csrf/double-submit-cookie-pattern-65bb71d80d9f
- owasp.org/www-community/attacks/csrf
- snyk.io/vuln/SNYK-JS-POLARISWEBSITE-597473
- www.barracuda.com/glossary/csrf