Описание
An issue has been discovered in GitLab CE/EE affecting all versions before 16.8.5, all versions starting from 16.9 before 16.9.3, all versions starting from 16.10 before 16.10.1. A wiki page with a crafted payload may lead to a Stored XSS, allowing attackers to perform arbitrary actions on behalf of victims.
Ссылки
- ExploitIssue Tracking
- ExploitIssue Tracking
- ExploitIssue Tracking
- ExploitIssue Tracking
Уязвимые конфигурации
Одно из
EPSS
8.7 High
CVSS3
5.4 Medium
CVSS3
Дефекты
Связанные уязвимости
An issue has been discovered in GitLab CE/EE affecting all versions before 16.8.5, all versions starting from 16.9 before 16.9.3, all versions starting from 16.10 before 16.10.1. A wiki page with a crafted payload may lead to a Stored XSS, allowing attackers to perform arbitrary actions on behalf of victims.
An issue has been discovered in GitLab CE/EE affecting all versions be ...
An issue has been discovered in GitLab CE/EE affecting all versions before 16.8.5, all versions starting from 16.9 before 16.9.3, all versions starting from 16.10 before 16.10.1. A wiki page with a crafted payload may lead to a Stored XSS, allowing attackers to perform arbitrary actions on behalf of victims.
Уязвимость компонента Wiki Page Handler программной платформы на базе git для совместной работы над кодом GitLab, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)
EPSS
8.7 High
CVSS3
5.4 Medium
CVSS3