Insufficient input sanitization in wikis in GitLab version 13.8 and up allows an attacker to exploit a stored cross-site scripting vulnerability via a specially-crafted commit to a wiki
2021-03-24T17:15:14.023
2024-11-21T05:49:40.020
Modified
CVSSv3.1: 5.4 (MEDIUM)
AV:N/AC:M/Au:S/C:N/I:P/A:N
6.8
2.9
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | gitlab | gitlab | < 13.8.5 | Yes |
Application | gitlab | gitlab | < 13.8.5 | Yes |
Application | gitlab | gitlab | < 13.9.2 | Yes |
Application | gitlab | gitlab | < 13.9.2 | Yes |