GitLab · GitLab CE/EE · CVE-2026-0752
**Name of the Vulnerable Software and Affected Versions**
GitLab CE/EE versions 16.2 through 18.7.4
GitLab CE/EE versions 18.8 through 18.8.4
GitLab CE/EE versions 18.9 through 18.9.0
**Description**
A flaw exists in GitLab CE/EE that, under specific conditions, could allow an unauthenticated user to inject arbitrary scripts into the Mermaid sandbox UI.
**Recommendations**
If running GitLab CE/EE 16.2 through 18.7.4, update to version 18.7.5 or later.
If running GitLab CE/EE 18.8 through 18.8.4, update to version 18.8.5 or later.
If running GitLab CE/EE 18.9 through 18.9.0, update to version 18.9.1 or later.