Lucene search
K

5 matches found

vulnrichment
vulnrichment
added 2025/03/03 4:2 p.m.10 views

CVE-2025-0555 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

A Cross Site Scripting XSS vulnerability in GitLab-EE affecting all versions from 16.6 prior to 17.7.6, 17.8 prior to 17.8.4, and 17.9 prior to 17.9.1 allows an attacker to bypass security controls and execute arbitrary scripts in a users browser under specific conditions...

7.7CVSS7.4AI score0.00439EPSS
Exploits0References2
cve
cve
added 2025/03/03 4:2 p.m.137 views

CVE-2025-0555

CVE-2025-0555 is a Cross-Site Scripting (XSS) vulnerability in GitLab-EE affecting all 16.6+ releases up to but not including 17.7.6, 17.8 up to not including 17.8.4, and 17.9 up to not including 17.9.1. The issue allows an attacker to bypass security controls and run arbitrary scripts in a user’...

7.7CVSS7.2AI score0.00439EPSS
Exploits0References2Affected Software1
debiancve
debiancve
added 2025/03/03 4:2 p.m.14 views

CVE-2025-0555

Removed by vendor...

7.7CVSS7.5AI score0.00439EPSS
Exploits0
nessus
nessus
added 2025/03/03 12:0 a.m.14 views

GitLab 16.6 < 17.7.6 / 17.8 < 17.8.4 / 17.9 < 17.9.1 (CVE-2025-0555)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A Cross Site Scripting XSS vulnerability in GitLab-EE affecting all versions from 16.6 prior to 17.7.6, 17.8 prior to 17.8.4, and 17.9 prior to 17.9.1 allows an attacker to bypass security controls an...

7.7CVSS8.7AI score0.00439EPSS
Exploits0References4
circl
circl
added 2025/02/27 6:26 a.m.16 views

CVE-2025-0555

creationtimestamp| type| source ---|---|--- 2025-02-27 06:26:45+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lj5b53egjb27 2025-03-02 13:24:32+00:00| seen| https://bsky.app/profile/getpokemon7.bsky.social/post/3ljfjuvjz6c2f 2025-03-03 16:30:35+00:00| published-proof-of-concept...

7.7CVSS7.6AI score0.00439EPSS
Exploits0References5
Rows per page
Query Builder