VDB
CVE-2025-12716
CVE-2025-12716
PUBLISHED
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that, under certain conditions could have allowed an authenticated user to perform unauthorized actions on behalf of another user by creating wiki pages with malicious content.
EPSS 0.05% · 16.5th percentile
Risk Scores
EPSS Score
0.05%
16.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | gitlab | 18.4.0, 18.6.0, 18.5.0 |
| Bitnami | gitlab | 18.4.0, 18.5.0, 18.6.0 |
Timeline
- Dec 11, 2025 CVE Published
- Dec 11, 2025 EPSS Score
- Dec 11, 2025 PoC Published
- Dec 11, 2025 PoC Published
- Dec 11, 2025 PoC Published
- Dec 15, 2025 EPSS Score
- Dec 19, 2025 EPSS Score
- Dec 23, 2025 EPSS Score
- Dec 28, 2025 EPSS Score
- Jan 1, 2026 EPSS Score
- Jan 5, 2026 EPSS Score
- Jan 9, 2026 EPSS Score