Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-3500

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.0 before 16.0.8, all versions starting from 16.1 before 16.1.3, all version...

6.1CVSS6AI score0.00474EPSS
Exploits0References2
NVD
NVD
added 2023/08/02 1:15 a.m.15 views

CVE-2023-3500

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.0 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. A reflected XSS was possible when creating specific PlantUML diagrams that allowed the attacker to...

6.1CVSS5.2AI score0.00474EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/08/02 12:7 a.m.23 views

CVE-2023-3500 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.0 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. A reflected XSS was possible when creating specific PlantUML diagrams that allowed the attacker to...

4.8CVSS6.2AI score0.00474EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/08/02 12:7 a.m.10 views

CVE-2023-3500 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.0 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. A reflected XSS was possible when creating specific PlantUML diagrams that allowed the attacker to...

4.8CVSS5.8AI score0.00474EPSS
Exploits0References2
CVE
CVE
added 2023/08/02 12:7 a.m.336 views

CVE-2023-3500

GitLab CE/EE vulnerable to reflected XSS in PlantUML diagram creation, affecting versions 10.0–16.0.7, 16.1.0–16.1.2, and 16.2.0–16.2.1. Root cause is improper input handling in the diagram generation flow, enabling attackers to perform arbitrary actions on victims’ behalf. Remediations per sourc...

6.1CVSS5.4AI score0.00474EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder