VDB
CVE-2025-0555
CVE-2025-0555
PUBLISHED
A Cross Site Scripting (XSS) vulnerability in GitLab-EE affecting all versions from 16.6 prior to 17.7.6, 17.8 prior to 17.8.4, and 17.9 prior to 17.9.1 allows an attacker to bypass security controls and execute arbitrary scripts in a users browser under specific conditions.
EPSS 0.05% · 15.9th percentile
Risk Scores
EPSS Score
0.05%
15.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | gitlab | 16.6.0 |
| Bitnami | gitlab | 16.6.0 |
Timeline
- Feb 26, 2025 CVE Published
- Mar 3, 2025 Coalition ESS Score
- Mar 4, 2025 EPSS Score
- Mar 6, 2025 CVE Updated
- Mar 18, 2025 EPSS Score
- Apr 1, 2025 EPSS Score
- Apr 2, 2025 Coalition ESS Score
- Apr 15, 2025 EPSS Score
- Apr 28, 2025 EPSS Score
- May 12, 2025 EPSS Score
- May 26, 2025 EPSS Score
- May 30, 2025 Coalition ESS Score