2 matches found
CVE-2018-14606
An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. XSS can occur via a Milestone name during a promotion...
CVE-2018-14606
CVE-2018-14606 affects GitLab Community and Enterprise Edition prior to 10.8.7, 11.0.x prior to 11.0.5, and 11.1.x prior to 11.1.2. It enables cross-site scripting via a Milestone name during a promotion. Remediation is provided by updating to 10.8.7 or later in the 11.x branches (i.e., 11.0.5+ a...