CVE-2018-19573

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 10.3 through 11.5 before 11.5.1 GitLab CE/EE version 11.4 before 11.4.8 GitLab CE/EE version 11.3 before 11.3.11

Description The issue is related to an XSS vulnerability in Markdown fields via Mermaid.

Recommendations For GitLab CE/EE versions 10.3 through 11.3 before 11.3.11, update to version 11.3.11 or later. For GitLab CE/EE version 11.4 before 11.4.8, update to version 11.4.8 or later. For GitLab CE/EE version 11.5 before 11.5.1, update to version 11.5.1 or later.