Added |
CPE Configuration |
|
OR
*cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* versions from (including) 5.1 up to (excluding) 16.10.7
*cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* versions from (including) 5.1 up to (excluding) 16.10.7
*cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* versions from (including) 16.11.0 up to (excluding) 16.111.4
*cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* versions from (including) 16.11.0 up to (excluding) 16.111.4
*cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* versions from (including) 17.0.0 up to (excluding) 17.0.2
*cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* versions from (including) 17.0.0 up to (excluding) 17.0.2
|
Added |
CVSS V3.1 |
|
NIST AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N
|
Added |
CWE |
|
NIST CWE-79
|
Changed |
Reference Type |
https://about.gitlab.com/releases/2024/06/12/patch-release-gitlab-17-0-2-released/#xss-and-content-injection-when-viewing-raw-xhtml-files-on-ios-devices No Types Assigned
|
https://about.gitlab.com/releases/2024/06/12/patch-release-gitlab-17-0-2-released/#xss-and-content-injection-when-viewing-raw-xhtml-files-on-ios-devices Release Notes
|
Changed |
Reference Type |
https://gitlab.com/gitlab-org/gitlab/-/issues/458229 No Types Assigned
|
https://gitlab.com/gitlab-org/gitlab/-/issues/458229 Vendor Advisory
|
Changed |
Reference Type |
https://hackerone.com/reports/2473886 No Types Assigned
|
https://hackerone.com/reports/2473886 Third Party Advisory
|