Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2020-26407

Опубликовано: 10 дек. 2020
Источник: debian

Описание

A XSS vulnerability exists in Gitlab CE/EE from 12.4 before 13.4.7, 13.5 before 13.5.5, and 13.6 before 13.6.2 that allows an attacker to perform cross-site scripting to other users via importing a malicious project

Пакеты

ПакетСтатусВерсия исправленияРелизТип
gitlabfixed13.4.7-1package

Примечания

  • https://about.gitlab.com/releases/2020/12/07/security-release-gitlab-13-6-2-released/

Связанные уязвимости

ubuntu логотип

CVE-2020-26407

CVSS3: 5.5
ubuntu
около 5 лет назад

A XSS vulnerability exists in Gitlab CE/EE from 12.4 before 13.4.7, 13.5 before 13.5.5, and 13.6 before 13.6.2 that allows an attacker to perform cross-site scripting to other users via importing a malicious project

nvd логотип

CVE-2020-26407

CVSS3: 5.5
nvd
около 5 лет назад

A XSS vulnerability exists in Gitlab CE/EE from 12.4 before 13.4.7, 13.5 before 13.5.5, and 13.6 before 13.6.2 that allows an attacker to perform cross-site scripting to other users via importing a malicious project

github логотип

GHSA-79rf-9vhj-jq9w

github
больше 3 лет назад

A XSS vulnerability exists in Gitlab CE/EE from 12.4 before 13.4.7, 13.5 before 13.5.5, and 13.6 before 13.6.2 that allows an attacker to perform cross-site scripting to other users via importing a malicious project