GMS-2015-26: XSS vulnerability
By exploiting a Cross-site scripting vulnerability, an attacker can hijack a user’s session. This means that the malicious hacker can change the user’s password and invalidate the session of the victim while the hacker maintains access.
References
Detect and mitigate GMS-2015-26 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →