12 matches found
MAL-2025-5216 Malicious code in strict-csp-builder (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e42c1e63ff88dae30df638aa554602cf21df6606f31d9476c8b00d28881777d5 Any computer that has this package installed or running should be considered...
Malicious code in strict-csp-builder (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e42c1e63ff88dae30df638aa554602cf21df6606f31d9476c8b00d28881777d5 Any computer that has this package installed or running should be considered...
BIT-GITLAB-2022-3573
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. Due to the improper filtering of query parameters in the wiki changes page, an attacker can execute...
Cross-site Scripting (XSS)
gitlab is vulnerable to Cross-site Scripting XSS. The vulnerability occurs due to an improper filtering of query parameters in the wiki changes page allowing a malicious authenticated attacker to execute arbitrary javascript on self-hosted instances running without strict CSP...
Cross-site Scripting (XSS)
gitlab is vulnerable to Cross-site Scripting XSS. A specially crafted payload may allow a malicious attacker to execute arbitrary actions on self-hosted instances running without strict CSP...
CVE-2022-3513
An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A specially crafted payload could lead to a reflected XSS on the client side which allows attackers to...
Cross site scripting
An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A specially crafted payload could lead to a reflected XSS on the client side which allows attackers to...
CVE-2022-3513
An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A specially crafted payload could lead to a reflected XSS on the client side which allows attackers to...
CVE-2022-3513
An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A specially crafted payload could lead to a reflected XSS on the client side which allows attackers to...
Input validation
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. Due to the improper filtering of query parameters in the wiki changes page, an attacker can execute...
CVE-2022-3573
Removed by vendor...
CVE-2022-3573
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. Due to the improper filtering of query parameters in the wiki changes page, an attacker can execute...