Описание
An issue has been discovered in GitLab affecting versions from 12.10 to 12.10.12 that allowed for a stored XSS payload to be added as a group name.
Ссылки
- Third Party Advisory
- Broken Link
- Third Party Advisory
- Broken Link
Уязвимые конфигурации
Конфигурация 1Версия от 12.10.0 (включая) до 12.10.12 (исключая)Версия от 12.10.0 (включая) до 12.10.12 (исключая)
Одно из
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
EPSS
Процентиль: 33%
0.0013
Низкий
7.2 High
CVSS3
4.8 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 7.2
ubuntu
больше 5 лет назад
An issue has been discovered in GitLab affecting versions from 12.10 to 12.10.12 that allowed for a stored XSS payload to be added as a group name.
CVSS3: 7.2
debian
больше 5 лет назад
An issue has been discovered in GitLab affecting versions from 12.10 t ...
github
больше 3 лет назад
An issue has been discovered in GitLab affecting versions from 12.10 to 12.10.12 that allowed for a stored XSS payload to be added as a group name.
EPSS
Процентиль: 33%
0.0013
Низкий
7.2 High
CVSS3
4.8 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79