VDB
BIT-gitlab-2023-1836
BIT-gitlab-2023-1836
PUBLISHED
CVSS 5.400000095367432 MEDIUM
A cross-site scripting issue has been discovered in GitLab affecting all versions starting from 5.1 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. When viewing an XML file in a repository in "raw" mode, it can be made to render as HTML if viewed under specific circumstances
Risk Scores
CVSS 3.1
5.400000095367432
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | gitlab | 5.1.0, 15.10.0, 15.11.0 |
Timeline
- Mar 6, 2024 CVE Published
- Apr 3, 2025 CVE Updated