Описание
GitLab 12.5 through 12.8.1 allows HTML Injection. A particular error header was potentially susceptible to injection or potentially other vulnerabilities via unescaped input.
Ссылки
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 12.5.0 (включая) до 12.8.1 (включая)Версия от 12.5.0 (включая) до 12.8.1 (включая)
Одно из
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
EPSS
Процентиль: 29%
0.001
Низкий
6.1 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
ubuntu
больше 5 лет назад
GitLab 12.5 through 12.8.1 allows HTML Injection. A particular error header was potentially susceptible to injection or potentially other vulnerabilities via unescaped input.
CVSS3: 6.1
debian
больше 5 лет назад
GitLab 12.5 through 12.8.1 allows HTML Injection. A particular error h ...
github
больше 3 лет назад
GitLab 12.5 through 12.8.1 allows HTML Injection. A particular error header was potentially susceptible to injection or potentially other vulnerabilities via unescaped input.
EPSS
Процентиль: 29%
0.001
Низкий
6.1 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-79