Vulnerability Details CVE-2024-8179
An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. Improper output encoding could lead to XSS if CSP is not enabled.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.6%
CVSS Severity
CVSS v3 Score 5.4
References
Products affected by CVE-2024-8179
-
cpe:2.3:a:gitlab:gitlab:17.3.0
-
cpe:2.3:a:gitlab:gitlab:17.3.1
-
cpe:2.3:a:gitlab:gitlab:17.3.2
-
cpe:2.3:a:gitlab:gitlab:17.3.3
-
cpe:2.3:a:gitlab:gitlab:17.3.4
-
cpe:2.3:a:gitlab:gitlab:17.3.5
-
cpe:2.3:a:gitlab:gitlab:17.3.6
-
cpe:2.3:a:gitlab:gitlab:17.3.7
-
cpe:2.3:a:gitlab:gitlab:17.4.0
-
cpe:2.3:a:gitlab:gitlab:17.4.1
-
cpe:2.3:a:gitlab:gitlab:17.4.2
-
cpe:2.3:a:gitlab:gitlab:17.4.3
-
cpe:2.3:a:gitlab:gitlab:17.4.4
-
cpe:2.3:a:gitlab:gitlab:17.4.5
-
cpe:2.3:a:gitlab:gitlab:17.5.0
-
cpe:2.3:a:gitlab:gitlab:17.5.1
-
cpe:2.3:a:gitlab:gitlab:17.5.2
-
cpe:2.3:a:gitlab:gitlab:17.5.3
-
cpe:2.3:a:gitlab:gitlab:17.6.0
-
cpe:2.3:a:gitlab:gitlab:17.6.1