Hi @briann and team,
I have been able to exploit the following vulnerability within project Wiki pages. Consequently, prior to reproducing this issue please set up a test GitLab 10.0 instance with a Markdown-formatted project wiki. For ease of exploitation, the use of a web intercept proxy (e.g. Burp Suite) is recommended.
Please proceed to access your Wiki, then select "Edit" on the homepage (or create a new Markdown page).
Next, please activate your web intercept proxy. After doing so, enter generic text into the "Content" field and select the "Save Changes" button.
Return to your web intercept proxy, and identify the POST request to the wikis endpoint. Within this request, please identify the content parameter and replace this with the below payload.
At the time of testing, I have successfully confirmed exploitability in the following environment: