CVE-2018-19570

2019-07-1015:28:42

mitre

www.cve.org

5.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

31.6%

JSON

GitLab CE/EE, versions 11.3 before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in Markdown fields via unrecognized HTML tags.

References

www.securityfocus.com/bid/109169

about.gitlab.com/2018/11/28/security-release-gitlab-11-dot-5-dot-1-released/

gitlab.com/gitlab-org/gitlab-ce/issues/52392