CVE-2020-13330

2020-09-3018:15:19

Google

osv.dev

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.0%

JSON

An issue has been discovered in GitLab affecting versions prior to 12.10.13. GitLab was vulnerable to a stored XSS in import the Bitbucket project feature.

CPENameOperatorVersion
gitlabeq12.10.0-ee
gitlabeq12.10.5-ee
gitlabeq12.10.3-ee
gitlabeq12.10.9-ee
gitlabeq12.10.7-ee
gitlabeq12.10.10-ee
gitlabeq12.10.1-ee
gitlabeq12.10.4-ee
gitlabeq12.10.6-ee
gitlabeq12.10.2-ee

Name	Operator	Version
gitlab	eq	12.10.0-ee
gitlab	eq	12.10.5-ee
gitlab	eq	12.10.3-ee
gitlab	eq	12.10.9-ee
gitlab	eq	12.10.7-ee
gitlab	eq	12.10.10-ee
gitlab	eq	12.10.1-ee
gitlab	eq	12.10.4-ee
gitlab	eq	12.10.6-ee
gitlab	eq	12.10.2-ee