11 matches found
EUVD-2019-16343
Malware in sbrugna...
SUSE CVE-2025-32019
Harbor is an open source trusted cloud native registry project that stores, signs, and scans content. Versions 2.11.2 and below, as well as versions 2.12.0-rc1 and 2.13.0-rc1, contain a vulnerability where the markdown field in the info tab page can be exploited to inject XSS code. This is fixed ...
Cross-site Scripting (XSS)
github.com/goharbor/harbor is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to unsanitized content in the markdown field on the info tab page, which allows injection of malicious scripts...
BIT-HARBOR-2025-32019 Harbor's repository description page allows for XSS
Harbor is an open source trusted cloud native registry project that stores, signs, and scans content. Versions 2.11.2 and below, as well as versions 2.12.0 and 2.13.0, contain a vulnerability where the markdown field in the info tab page can be exploited to inject XSS code. This is fixed in...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the markdown field in the info tab page. An attacker can execute arbitrary JavaScript code in the context of a user's browser by injecting malicious content. Details Cross-site scripting or XSS is a code...
CVE-2025-32019 Harbor's repository description page allows for XSS
Harbor is an open source trusted cloud native registry project that stores, signs, and scans content. Versions 2.11.2 and below, as well as versions 2.12.0-rc1 and 2.13.0-rc1, contain a vulnerability where the markdown field in the info tab page can be exploited to inject XSS code. This is fixed ...
CVE-2025-32019
Harbor (the open source cloud-native registry) contains a stored XSS vulnerability in the markdown field of the info tab. Affected versions are 2.11.2 and earlier, and 2.12.0-rc1 and 2.13.0-rc1. The issue is fixed in Harbor 2.11.3 and 2.12.3. Existence and details are supported by multiple source...
CVE-2019-6785
An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It allows Denial of Service. Inputting an overly long string into a Markdown field could cause a denial of service...
Denial of service
An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It allows Denial of Service. Inputting an overly long string into a Markdown field could cause a denial of service...
CVE-2019-6785
An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It allows Denial of Service. Inputting an overly long string into a Markdown field could cause a denial of service...
GitLab CE/EE Cross-Site Scripting Vulnerability (CNVD-2019-23578)
GitLab is an open source application developed using Ruby on Rails that implements a self-hosted Git project repository that can be accessed through a web interface for public and private projects.GitLab EE is the GitLab Enterprise Edition and GitLab CE is the GitLab Community Edition. A cross-si...