CVE-2025-11892

GitHub Enterprise Server is affected by CVE-2025-11892: an improper neutralization of input leads to DOM-based cross-site scripting via the Issues search label filter, enabling privilege escalation and unauthorized workflow triggers. Exploitation requires user interaction and access to a target s...

CVE-2025-11892 DOM-based Cross-Site Scripting was identified in GitHub Enterprise Server Issues search allows privilege escalation and unauthorized workflow triggers

An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allows DOM-based cross-site scripting via Issues search label filter that could lead to privilege escalation and unauthorized workflow triggers. Successful exploitation requires an attacker to have...

CVE-2025-11892 DOM-based Cross-Site Scripting was identified in GitHub Enterprise Server Issues search allows privilege escalation and unauthorized workflow triggers

An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allows DOM-based cross-site scripting via Issues search label filter that could lead to privilege escalation and unauthorized workflow triggers. Successful exploitation requires an attacker to have...

GitHub Enterprise Server 安全漏洞

GitHub Enterprise Server is an open source application from GitHub in the United States. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability in GitHub Enterprise Server versions prior t...