9 matches found
EUVD-2025-24600
Malicious code in bioql PyPI...
BIT-GITLAB-2025-6186 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to achieve account takeover by injecting malicious HTML into work item names...
CVE-2025-6186
An issue has been discovered in GitLab CE/EE affecting all versions from 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to achieve account takeover by injecting malicious HTML into work item names...
GitLab 18.1 < 18.1.4 / 18.2 < 18.2.2 (CVE-2025-6186)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions from 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to achieve account takeover by injecting...
UBUNTU-CVE-2025-6186
An issue has been discovered in GitLab CE/EE affecting all versions from 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to achieve account takeover by injecting malicious HTML into work item names...
CVE-2025-6186 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to achieve account takeover by injecting malicious HTML into work item names...
CVE-2025-6186
CVE-2025-6186 affects GitLab CE/EE: all versions from 18.1 before 18.1.4 and 18.2 before 18.2.2. The issue allows authenticated users to potentially take over accounts by injecting malicious HTML into work item names. Connected sources (OSV entries) confirm the same description and affected versi...
CVE-2025-6186 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to achieve account takeover by injecting malicious HTML into work item names...
PT-2025-33054 · Gitlab · Gitlab Ce/Ee
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 18.1 through 18.1.4 GitLab CE/EE versions 18.2 through 18.2.2 Description: An issue exists in GitLab CE/EE that allows authenticated users to take control of accounts by injecting malicious HTML into work item names...