3 matches found
CVE-2020-13262
Client-Side code injection through Mermaid markup in GitLab CE/EE 12.9 and later through 13.0.1 allows a specially crafted Mermaid payload to PUT requests on behalf of other users via clicking on a link...
CVE-2020-13262
Client-Side code injection through Mermaid markup in GitLab CE/EE 12.9 and later through 13.0.1 allows a specially crafted Mermaid payload to PUT requests on behalf of other users via clicking on a link...
CVE-2020-13262
CVE-2020-13262 affects GitLab CE/EE versions 12.9 and later up to 13.0.1. The vulnerability is a Client-Side code injection via Mermaid markup, allowing a specially crafted Mermaid payload to cause PUT requests on behalf of other users when a link is clicked. Several connected sources corroborate...