Vulnerability Details CVE-2025-7739
An issue has been discovered in GitLab CE/EE affecting all versions from 18.2 before 18.2.2 that, under certain conditions, could have allowed authenticated users to achieve stored cross-site scripting by injecting malicious HTML content in scoped label descriptions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 15.8%
CVSS Severity
CVSS v3 Score 8.7
References