Vulnerability Details CVE-2025-0811
An issue has been discovered in GitLab CE/EE affecting all versions from 17.7 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. Improper rendering of certain file types leads to cross-site scripting.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 26.0%
CVSS Severity
CVSS v3 Score 8.7
References
Products affected by CVE-2025-0811
-
cpe:2.3:a:gitlab:gitlab:17.10.0
-
cpe:2.3:a:gitlab:gitlab:17.7.0
-
cpe:2.3:a:gitlab:gitlab:17.7.1
-
cpe:2.3:a:gitlab:gitlab:17.7.2
-
cpe:2.3:a:gitlab:gitlab:17.7.3
-
cpe:2.3:a:gitlab:gitlab:17.7.4
-
cpe:2.3:a:gitlab:gitlab:17.7.5
-
cpe:2.3:a:gitlab:gitlab:17.7.6
-
cpe:2.3:a:gitlab:gitlab:17.7.7
-
cpe:2.3:a:gitlab:gitlab:17.8.0
-
cpe:2.3:a:gitlab:gitlab:17.8.1
-
cpe:2.3:a:gitlab:gitlab:17.8.2
-
cpe:2.3:a:gitlab:gitlab:17.8.3
-
cpe:2.3:a:gitlab:gitlab:17.8.4
-
cpe:2.3:a:gitlab:gitlab:17.8.5
-
cpe:2.3:a:gitlab:gitlab:17.9.0
-
cpe:2.3:a:gitlab:gitlab:17.9.1
-
cpe:2.3:a:gitlab:gitlab:17.9.2