Описание
GitLab CE/EE, versions 10.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in Markdown fields via Mermaid.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| esm-apps/xenial | not-affected | |
| esm-infra-legacy/trusty | DNE | |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | needs-triage | |
| xenial | not-affected |
Показывать по
10
3.5 Low
CVSS2
5.4 Medium
CVSS3
Связанные уязвимости
CVSS3: 5.4
nvd
больше 6 лет назад
GitLab CE/EE, versions 10.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in Markdown fields via Mermaid.
CVSS3: 5.4
debian
больше 6 лет назад
GitLab CE/EE, versions 10.3 up to 11.x before 11.3.11, 11.4 before 11. ...
CVSS3: 5.4
github
больше 3 лет назад
GitLab CE/EE, versions 10.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in Markdown fields via Mermaid.
3.5 Low
CVSS2
5.4 Medium
CVSS3