GitLab prior to 8.14.9, 8.15.x prior to 8.15.6, and 8.16.x prior to 8.16.5 has XSS via a SCRIPT element in an issue attachment or avatar that is an SVG document.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gitlab gitlab 8.16.0 |
||
gitlab gitlab 8.15.0 |
||
gitlab gitlab 8.15.1 |
||
gitlab gitlab 8.15.2 |
||
gitlab gitlab 8.15.3 |
||
gitlab gitlab 8.16.2 |
||
gitlab gitlab 8.16.4 |
||
gitlab gitlab 8.15.4 |
||
gitlab gitlab |
||
gitlab gitlab 8.16.1 |
||
gitlab gitlab 8.16.3 |
||
gitlab gitlab 8.15.5 |