Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-8648

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions from 16 before 17.3.7, 17.4 before 17.4.4, and 17.5 before 17.5.2. The vulnerability could...

6.1CVSS5.6AI score0.00364EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 7:17 a.m.10 views

CVE-2024-8648

An issue has been discovered in GitLab CE/EE affecting all versions from 16 before 17.3.7, 17.4 before 17.4.4, and 17.5 before 17.5.2. The vulnerability could allow an attacker to inject malicious JavaScript code in Analytics Dashboards through a specially crafted URL...

6.1CVSS6.5AI score0.00364EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/11/15 12:0 a.m.9 views

GitLab 16.0 < 17.3.7 / 17.4 < 17.4.4 / 17.5 < 17.5.2 (CVE-2024-8648)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 before 17.3.7, 17.4 before 17.4.4, and 17.5 before 17.5.2. The vulnerability could allow an attacker to inject malicious...

6.1CVSS5.6AI score0.00364EPSS
Exploits0References5
NVD
NVD
added 2024/11/14 1:15 p.m.15 views

CVE-2024-8648

An issue has been discovered in GitLab CE/EE affecting all versions from 16 before 17.3.7, 17.4 before 17.4.4, and 17.5 before 17.5.2. The vulnerability could allow an attacker to inject malicious JavaScript code in Analytics Dashboards through a specially crafted URL...

6.1CVSS0.00364EPSS
Exploits0References3
CVE
CVE
added 2024/11/14 1:2 p.m.61 views

CVE-2024-8648

CVE-2024-8648 affects GitLab CE/EE, with all versions before 17.3.7 (16.x line), 17.4 before 17.4.4, and 17.5 before 17.5.2 vulnerable to a cross-site scripting (XSS) flaw in Analytics Dashboards via a crafted URL. The issue is due to improper handling/neutralization of input in the web page gene...

6.1CVSS6AI score0.00364EPSS
Exploits0References3Affected Software1
Circl
Circl
added 2024/11/13 2:8 p.m.14 views

CVE-2024-8648

creationtimestamp| type| source ---|---|--- 2024-11-13 14:08:31+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113476036942359070 2024-11-14 13:20:06+00:00| seen| https://infosec.exchange/users/cve/statuses/113481508819514836 2024-11-14 14:59:01+00:00| seen|...

6.1CVSS4.8AI score0.00364EPSS
Exploits0References3
Rows per page
Query Builder