5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
21.6%
An issue has been discovered in GitLab affecting versions prior to 12.10.13, 13.0.8, 13.1.2. A stored cross-site scripting vulnerability was discovered when editing references.
[
{
"product": "GitLab",
"vendor": "GitLab",
"versions": [
{
"status": "affected",
"version": ">=8.10.0, <12.10.13"
},
{
"status": "affected",
"version": ">=13.0, <13.0.8"
},
{
"status": "affected",
"version": ">=13.1, <13.1.2"
}
]
}
]