13 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-2164
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions starting from 15.9 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions...
BIT-GITLAB-2023-2164 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
An issue has been discovered in GitLab affecting all versions starting from 15.9 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible for an attacker to trigger a stored XSS vulnerability via user interaction with a crafted U...
Cross-site Scripting (XSS)
gitlab is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to the lack of input validation in the library, which allows an attacker to inject and execute malicious javascript through the maliciously crafted URL in the WebIDE beta...
CVE-2023-2164
An issue has been discovered in GitLab affecting all versions starting from 15.9 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible for an attacker to trigger a stored XSS vulnerability via user interaction with a crafted U...
CVE-2023-2164
An issue has been discovered in GitLab affecting all versions starting from 15.9 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible for an attacker to trigger a stored XSS vulnerability via user interaction with a crafted U...
Cross site scripting
An issue has been discovered in GitLab affecting all versions starting from 15.9 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible for an attacker to trigger a stored XSS vulnerability via user interaction with a crafted U...
UBUNTU-CVE-2023-2164
An issue has been discovered in GitLab affecting all versions starting from 15.9 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible for an attacker to trigger a stored XSS vulnerability via user interaction with a crafted U...
CVE-2023-2164 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
An issue has been discovered in GitLab affecting all versions starting from 15.9 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible for an attacker to trigger a stored XSS vulnerability via user interaction with a crafted U...
CVE-2023-2164
Removed by vendor...
CVE-2023-2164
CVE-2023-2164 affects GitLab: all versions from 15.9 up to, but not including, 16.0.8; from 16.1 up to, but not including, 16.1.3; and from 16.2 up to, but not including, 16.2.2. It enables a stored Cross-Site Scripting (XSS) vulnerability via user interaction with a crafted URL in the WebIDE bet...
CVE-2023-2164 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
An issue has been discovered in GitLab affecting all versions starting from 15.9 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible for an attacker to trigger a stored XSS vulnerability via user interaction with a crafted U...
GitLab 15.9 < 16.0.8 / 16.1.0 < 16.1.3 / 16.2.0 < 16.2.2 (CVE-2023-2164)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions starting from 15.9 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was...
PT-2023-18303
Name of the Vulnerable Software and Affected Versions GitLab versions 15.9 through 16.0.7 GitLab versions 16.1 through 16.1.2 GitLab versions 16.2 through 16.2.1 Description An issue has been discovered in GitLab, allowing an attacker to trigger a stored XSS vulnerability via user interaction wit...