3 matches found
BIT-GITLAB-2026-10086 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
GitLab has remediated an issue in GitLab EE affecting all versions from 16.4 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with developer-role permissions to execute arbitrary client-side code in the context of...
CVE-2026-10086
GitLab has remediated an issue in GitLab EE affecting all versions from 16.4 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with developer-role permissions to execute arbitrary client-side code in the context of...
PT-2026-52197
Name of the Vulnerable Software and Affected Versions GitLab EE versions 13.11 through 18.11.5 GitLab EE versions 19.0 through 19.0.2 GitLab EE versions 19.1 Description Incorrect authorization in DAST Dynamic Application Security Testing site profile management allows a user with the Developer...