Lucene search
K

9 matches found

OSV
OSV
added 2026/02/16 4:30 p.m.6 views

BIT-GITLAB-2026-0595 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.9 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authenticated user to add unauthorized email addresses to victim accounts through HTML injection in test...

7.3CVSS5.6AI score0.00217EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/02/12 1:42 p.m.4 views

CVE-2026-0595

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.9 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authenticated user to add unauthorized email addresses to victim accounts through HTML injection in test...

7.3CVSS5.5AI score0.00217EPSS
Exploits0References1
NVD
NVD
added 2026/02/11 12:16 p.m.4 views

CVE-2026-0595

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.9 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authenticated user to add unauthorized email addresses to victim accounts through HTML injection in test...

7.3CVSS0.00217EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/11 11:33 a.m.1 views

CVE-2026-0595 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.9 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authenticated user to add unauthorized email addresses to victim accounts through HTML injection in test...

7.3CVSS5.5AI score0.00217EPSS
Exploits0References3
CVE
CVE
added 2026/02/11 11:33 a.m.13 views

CVE-2026-0595

Technical details are not publicly available in the provided documents. Monitor for updates to see affected products, impact, vector, and remediation.

7.3CVSS5.5AI score0.00217EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/11 11:33 a.m.5 views

CVE-2026-0595

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.9 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authenticated user to add unauthorized email addresses to victim accounts through HTML injection in test...

7.3CVSS5.5AI score0.00217EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/02/11 11:33 a.m.4 views

CVE-2026-0595 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.9 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authenticated user to add unauthorized email addresses to victim accounts through HTML injection in test...

7.3CVSS5.5AI score0.00217EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.3 views

PT-2026-7524

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 13.9 through 18.6.6 GitLab CE/EE versions 18.7 through 18.7.4 GitLab CE/EE versions 18.8 through 18.8.4 Description An issue exists in GitLab CE/EE where an authenticated user could potentially add unauthorized email...

7.3CVSS5.3AI score0.00217EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2026/02/11 12:0 a.m.4 views

CVE-2026-0595

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.9 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authenticated user to add unauthorized email addresses to victim accounts through HTML injection in test...

7.3CVSS5.9AI score0.00217EPSS
Exploits0References5
Rows per page
Query Builder