BIT-GITLAB-2026-1338 Authorization Bypass Through User-Controlled Key in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with developer-role permissions to delete protected container registry tags due to improper authorization...

PT-2025-4731 · Unknown · Genesis Style Shortcodes

Name of the Vulnerable Software and Affected Versions: Genesis Style Shortcodes versions n/a through 1.0 Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based XSS. This means that an attacker could potentially inject malicious...