VDB

CVE-2025-0555

CVE-2025-0555 PUBLISHED

A Cross Site Scripting (XSS) vulnerability in GitLab-EE affecting all versions from 16.6 prior to 17.7.6, 17.8 prior to 17.8.4, and 17.9 prior to 17.9.1 allows an attacker to bypass security controls and execute arbitrary scripts in a users browser under specific conditions.

EPSS 0.05% · 15.9th percentile

Risk Scores

EPSS Score
0.05%
15.9th percentile

Affected Products

VendorProductVersions
Bitnamigitlab16.6.0
Bitnamigitlab16.6.0

Timeline

  • Feb 26, 2025 CVE Published
  • Mar 3, 2025 Coalition ESS Score
  • Mar 4, 2025 EPSS Score
  • Mar 6, 2025 CVE Updated
  • Mar 18, 2025 EPSS Score
  • Apr 1, 2025 EPSS Score
  • Apr 2, 2025 Coalition ESS Score
  • Apr 15, 2025 EPSS Score
  • Apr 28, 2025 EPSS Score
  • May 12, 2025 EPSS Score
  • May 26, 2025 EPSS Score
  • May 30, 2025 Coalition ESS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›