An issue exists in GitLab Community and Enterprise Edition prior to 11.1.7, 11.2.x prior to 11.2.4, and 11.3.x prior to 11.3.1. blog-viewer has stored XSS during repository browsing, if package.json exists. .
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gitlab gitlab |
||
gitlab gitlab 11.3.0 |