CVE-2019-5471

Опубликовано: 09 сент. 2019

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 3.5

CVSS3: 5.4

Описание

An input validation and output encoding issue was discovered in the GitLab email notification feature which could result in a persistent XSS. This was addressed in GitLab 12.1.2, 12.0.4, and 11.11.6.

Релиз	Статус	Примечание
bionic	DNE
devel	DNE
disco	DNE
esm-apps/xenial	not-affected	code not present
esm-infra-legacy/trusty	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	not-affected	debian: Only affects Gitlab EE 8.9 and later
xenial	not-affected	code not present

Показывать по

Ссылки на источники

EPSS

Процентиль: 21%

0.00069

Низкий

3.5 Low

CVSS2

5.4 Medium

CVSS3

Связанные уязвимости

CVE-2019-5471

CVSS3: 5.4

nvd

больше 6 лет назад

An input validation and output encoding issue was discovered in the GitLab email notification feature which could result in a persistent XSS. This was addressed in GitLab 12.1.2, 12.0.4, and 11.11.6.

CVE-2019-5471

CVSS3: 5.4

debian

больше 6 лет назад

An input validation and output encoding issue was discovered in the Gi ...

GHSA-9vpf-9m6p-h2rr

CVSS3: 5.4

github

больше 3 лет назад

An input validation and output encoding issue was discovered in the GitLab email notification feature which could result in a persistent XSS. This was addressed in GitLab 12.1.2, 12.0.4, and 11.11.6.

EPSS

Процентиль: 21%

0.00069

Низкий

3.5 Low

CVSS2

5.4 Medium

CVSS3

CVE-2019-5471

Описание

Пакет gitlab

Ссылки на источники

Связанные уязвимости