5 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-2255
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in Gitlab EE/CE for AppSec affecting all versions from 13.5.0 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. Certain...
GitLab 13.5.0 < 17.8.6 / 17.9 < 17.9.3 / 17.10 < 17.10.1 (CVE-2025-2255)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in Gitlab EE/CE for AppSec affecting all versions from 13.5.0 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. Certain error messages could allow Cross-Site...
CVE-2025-2255 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
An issue has been discovered in Gitlab EE/CE for AppSec affecting all versions from 13.5.0 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. Certain error messages could allow Cross-Site Scripting attacks XSS. for AppSec...
CVE-2025-2255
GitLab EE/CE AppSec is affected by CVE-2025-2255, with XSS due to error messages in versions 13.5.0–before 17.8.6, 17.9–before 17.9.3, and 17.10–before 17.10.1. The issue is rooted in improper output/handling of error messages, allowing cross-site scripting. Several connected sources corroborate ...
CVE-2025-2255
Removed by vendor...