Описание
An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. blog-viewer has stored XSS during repository browsing, if package.json exists. .
Ссылки
- Release Notes
- Release NotesVendor Advisory
- Release Notes
- Release NotesVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 11.1.7 (исключая)Версия до 11.1.7 (исключая)Версия от 11.2.0 (включая) до 11.2.4 (исключая)Версия от 11.2.0 (включая) до 11.2.4 (исключая)
Одно из
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:11.3.0:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:11.3.0:*:*:*:enterprise:*:*:*
EPSS
Процентиль: 41%
0.0019
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 5.4
ubuntu
около 2 лет назад
An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. blog-viewer has stored XSS during repository browsing, if package.json exists. .
CVSS3: 5.4
debian
около 2 лет назад
An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVSS3: 5.4
github
около 2 лет назад
An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. blog-viewer has stored XSS during repository browsing, if package.json exists. .
EPSS
Процентиль: 41%
0.0019
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79