Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:8 a.m.9 views

CVE-2024-2279

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 to 16.8.6 all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. Using the autocomplete for issues references feature a crafted payload may lead to a stored XSS, allowin...

8.7CVSS6.4AI score0.0058EPSS
Exploits1References1
NVD
NVD
added 2024/04/12 1:15 a.m.16 views

CVE-2024-2279

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 to 16.8.6 all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. Using the autocomplete for issues references feature a crafted payload may lead to a stored XSS, allowin...

8.7CVSS8.4AI score0.0058EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/04/12 12:53 a.m.27 views

CVE-2024-2279 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 to 16.8.6 all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. Using the autocomplete for issues references feature a crafted payload may lead to a stored XSS, allowin...

8.7CVSS8.5AI score0.0058EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/04/12 12:53 a.m.20 views

CVE-2024-2279 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 to 16.8.6 all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. Using the autocomplete for issues references feature a crafted payload may lead to a stored XSS, allowin...

8.7CVSS8.3AI score0.0058EPSS
Exploits1References2
CVE
CVE
added 2024/04/12 12:53 a.m.79 views

CVE-2024-2279

CVE-2024-2279 affects GitLab CE/EE across multiple release lines: 16.7–16.8.6; 16.9 prior to 16.9.4; 16.10 prior to 16.10.2. The issue arises from the autocomplete for issues references feature, where a crafted payload can trigger a stored XSS, enabling an attacker to perform arbitrary actions on...

8.7CVSS6.2AI score0.0058EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2024/04/12 12:53 a.m.30 views

CVE-2024-2279

Removed by vendor...

8.7CVSS5.8AI score0.0058EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2024/04/12 12:0 a.m.32 views

CVE-2024-2279

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 to 16.8.6 all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. Using the autocomplete for issues references feature a crafted payload may lead to a stored XSS, allowin...

8.7CVSS5.9AI score0.0058EPSS
Exploits1References1
Rows per page
Query Builder