Cross site scripting

2020-03-1318:15:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

32.1%

GitLab 12.1 through 12.8.1 allows XSS. A stored cross-site scripting vulnerability was discovered when displaying merge requests.

CPENameOperatorVersion
gitlabge12.1.0
gitlable12.8.1
gitlabge12.1.0
gitlable12.8.1

Name	Operator	Version
gitlab	ge	12.1.0
gitlab	le	12.8.1
gitlab	ge	12.1.0
gitlab	le	12.8.1

References

about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/

about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/index.html

0.001 Low

EPSS

Percentile

32.1%

Related for PRION:CVE-2020-10076