CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Gitlab: >> Gitlab >> 10.5.6 Security Vulnerabilities

CVE-2018-9244

GitLab Community and Enterprise Editions version 9.2 up to 10.4 are vulnerable to XSS because a lack of input validation in the milestones component leads to cross site scripting (specifically, data-milestone-id in the milestone dropdown feature). This is fixed in 10.6.3, 10.5.7, and 10.4.7.

CVSS Score

6.1

EPSS Score

0.001

Published

2018-04-05

Page 47

Vulnerabilities

Vulnerable Software

Gitlab: >> Gitlab >> 10.5.6 Security Vulnerabilities

Products

Pricing

Contact Us