Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-8qgm-5447-jmq4

Опубликовано: 20 июн. 2025
Источник: github
Github: Не прошло ревью
CVSS3: 8.7

Описание

An issue has been discovered in GitLab EE that allows for cross-site-scripting attack and content security policy bypass in a user's browser under specific conditions, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1.

An issue has been discovered in GitLab EE that allows for cross-site-scripting attack and content security policy bypass in a user's browser under specific conditions, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1.

EPSS

Процентиль: 4%
0.00021
Низкий

8.7 High

CVSS3

Дефекты

CWE-79

Связанные уязвимости

CVSS3: 8.7
ubuntu
около 2 месяцев назад

An issue has been discovered in GitLab EE that allows for cross-site-scripting attack and content security policy bypass in a user's browser under specific conditions, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1.

CVSS3: 8.7
nvd
около 2 месяцев назад

An issue has been discovered in GitLab EE that allows for cross-site-scripting attack and content security policy bypass in a user's browser under specific conditions, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1.

CVSS3: 8.7
debian
около 2 месяцев назад

An issue has been discovered in GitLab EE that allows for cross-site-s ...

CVSS3: 8.7
fstec
5 месяцев назад

Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю обойти ограничения безопасности и проводить межсайтовые сценарные атаки

EPSS

Процентиль: 4%
0.00021
Низкий

8.7 High

CVSS3

Дефекты

CWE-79