Описание
A issue has been discovered in GitLab CE/EE affecting all versions from 15.3 prior to 15.7.8, version 15.8 prior to 15.8.4, and version 15.9 prior to 15.9.2 A cross-site scripting vulnerability was found in the title field of work items that allowed attackers to perform arbitrary actions on behalf of victims at client side.
Ссылки
- Vendor Advisory
- Broken Link
- Broken LinkPermissions Required
- Vendor Advisory
- Broken Link
- Broken LinkPermissions Required
Уязвимые конфигурации
Одно из
EPSS
5.4 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
Связанные уязвимости
A issue has been discovered in GitLab CE/EE affecting all versions from 15.3 prior to 15.7.8, version 15.8 prior to 15.8.4, and version 15.9 prior to 15.9.2 A cross-site scripting vulnerability was found in the title field of work items that allowed attackers to perform arbitrary actions on behalf of victims at client side.
A issue has been discovered in GitLab CE/EE affecting all versions fro ...
A issue has been discovered in GitLab CE/EE affecting all versions from 15.3 prior to 15.7.8, version 15.8 prior to 15.8.4, and version 15.9 prior to 15.9.2 A cross-site scripting vulnerability was found in the title field of work items that allowed attackers to perform arbitrary actions on behalf of victims at client side.
EPSS
5.4 Medium
CVSS3
6.1 Medium
CVSS3