5 matches found
CVE-2025-0555 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
A Cross Site Scripting XSS vulnerability in GitLab-EE affecting all versions from 16.6 prior to 17.7.6, 17.8 prior to 17.8.4, and 17.9 prior to 17.9.1 allows an attacker to bypass security controls and execute arbitrary scripts in a users browser under specific conditions...
CVE-2025-0555
CVE-2025-0555 is a Cross-Site Scripting (XSS) vulnerability in GitLab-EE affecting all 16.6+ releases up to but not including 17.7.6, 17.8 up to not including 17.8.4, and 17.9 up to not including 17.9.1. The issue allows an attacker to bypass security controls and run arbitrary scripts in a user’...
CVE-2025-0555
Removed by vendor...
GitLab 16.6 < 17.7.6 / 17.8 < 17.8.4 / 17.9 < 17.9.1 (CVE-2025-0555)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A Cross Site Scripting XSS vulnerability in GitLab-EE affecting all versions from 16.6 prior to 17.7.6, 17.8 prior to 17.8.4, and 17.9 prior to 17.9.1 allows an attacker to bypass security controls an...
CVE-2025-0555
creationtimestamp| type| source ---|---|--- 2025-02-27 06:26:45+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lj5b53egjb27 2025-03-02 13:24:32+00:00| seen| https://bsky.app/profile/getpokemon7.bsky.social/post/3ljfjuvjz6c2f 2025-03-03 16:30:35+00:00| published-proof-of-concept...