Lucene search
+L

12 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:40 a.m.4 views

CVE-2023-0050

An issue has been discovered in GitLab affecting all versions starting from 13.7 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. A specially crafted Kroki diagram could lead to a stored XSS on the client side which allows attackers to...

8.7CVSS6.6AI score0.9242EPSS
Exploits0References1
OSV
OSV
added 2024/03/06 11:12 a.m.20 views

BIT-GITLAB-2023-0050

An issue has been discovered in GitLab affecting all versions starting from 13.7 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. A specially crafted Kroki diagram could lead to a stored XSS on the client side which allows attackers to...

8.7CVSS6.3AI score0.9242EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/01/03 12:0 a.m.30 views

GitLab < 15.7.8 (SECURITY-RELEASE-GITLAB-15-9-2-RELEASED)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions starting from 13.7 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. A speciall...

8.7CVSS5.9AI score0.9242EPSS
Exploits0References12
Veracode
Veracode
added 2023/08/06 11:58 p.m.24 views

Cross-Site Scripting (XSS)

gitlab is vulnerable to Cross-Site Scripting XSS. The vulnerability exists in an attacker to use a specially crafted Kroki diagram to inject and execute arbitrary javascript...

8.7CVSS6.5AI score0.9242EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2023/03/09 10:15 p.m.17 views

Cross site scripting

An issue has been discovered in GitLab affecting all versions starting from 13.7 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. A specially crafted Kroki diagram could lead to a stored XSS on the client side which allows attackers to...

4.9CVSS5.2AI score0.9242EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2023/03/09 12:0 a.m.138 views

CVE-2023-0050

GitLab vulnerability CVE-2023-0050 affects GitLab versions 13.7–15.7.8, 15.8–15.8.4, and 15.9–15.9.2. A specially crafted Kroki diagram can trigger a stored XSS on the client side, allowing attackers to perform arbitrary actions on behalf of victims. Root cause is an XSS condition via Kroki rende...

8.7CVSS5.2AI score0.9242EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/03/09 12:0 a.m.213 views

CVE-2023-0050

An issue has been discovered in GitLab affecting all versions starting from 13.7 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. A specially crafted Kroki diagram could lead to a stored XSS on the client side which allows attackers to...

8.7CVSS8.2AI score0.9242EPSS
Exploits0References3
OSV
OSV
added 2023/03/09 12:0 a.m.17 views

CVE-2023-0050

An issue has been discovered in GitLab affecting all versions starting from 13.7 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. A specially crafted Kroki diagram could lead to a stored XSS on the client side which allows attackers to...

8.7CVSS5.8AI score0.9242EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/03/07 12:0 a.m.6 views

GitLab 跨站脚本漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. GitLab suffers from a security vulnerability that stems from a specially craft...

8.7CVSS6.7AI score0.9242EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/03/03 12:0 a.m.61 views

GitLab 13.7 < 15.7.8 / 15.8 < 15.8.4 / 15.9 < 15.9.2 (CVE-2023-0050)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions starting from 13.7 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. A speciall...

8.7CVSS6.8AI score0.9242EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/03/03 12:0 a.m.49 views

FreeBSD : Gitlab -- Multiple Vulnerabilities (f7c5b3a9-b9fb-11ed-99c6-001b217b3468)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the f7c5b3a9-b9fb-11ed-99c6-001b217b3468 advisory. - An issue has been discovered in GitLab affecting all versions starting from 10.0 to 15.7.8,...

8.7CVSS5.8AI score0.9242EPSS
Exploits0References13
Hacker One
Hacker One
added 2022/12/17 10:52 a.m.14 views

GitLab: Stored XSS via Kroki diagram

Arbitrary javascript could be executed when a victim views a comment on GitLab due to a stored XSS vulnerability via Kroki diagram. This was possible by crafting a pre block so that arbitrary attributes can be injected into the resulting img tag. The vulnerability was caused by the lang attribute...

5.8AI score
Exploits0
Rows per page
Query Builder