Roshan Kudave

**Name of the Vulnerable Software and Affected Versions** GitHub Enterprise Server versions prior to 3.20 GitHub Enterprise Server versions 3.14.20 GitHub Enterprise Server versions 3.15.15 GitHub Enterprise Server versions 3.16.11 GitHub Enterprise Server versions 3.17.8 GitHub Enterprise Server versions 3.18.2 GitHub Enterprise Server versions 3.19.1 **Description** An Improper Neutralization of Input During Web Page Generation issue exists in GitHub Enterprise Server. This allows an attacker to render attacker-controlled HTML via the Filter component (search) across GitHub, potentially leading to the exfiltration of sensitive information. An attacker requires permissions to create or modify the names of milestones, issues, pull requests, or similar entities rendered in the vulnerable filter/search components to exploit this issue. **Recommendations** Update GitHub Enterprise Server to version 3.20 or later. Update GitHub Enterprise Server to version 3.19.1. Update GitHub Enterprise Server to version 3.18.2. Update GitHub Enterprise Server to version 3.17.8. Update GitHub Enterprise Server to version 3.16.11. Update GitHub Enterprise Server to version 3.15.15. Update GitHub Enterprise Server to version 3.14.20.

**Name of the Vulnerable Software and Affected Versions** GitHub Enterprise Server versions prior to 3.12 GitHub Enterprise Server versions 3.11.5, 3.10.7, 3.9.10, and 3.8.15 are not affected as they contain the fix. **Description** The issue is related to Cross-site Scripting in the tag name pattern field in the tag protections UI. This allows a malicious website, requiring user interaction and social engineering, to make changes to a user account via CSP bypass with created CSRF tokens. The vulnerability was reported via the GitHub Bug Bounty program. **Recommendations** For GitHub Enterprise Server versions prior to 3.12, update to version 3.11.5, 3.10.7, 3.9.10, or 3.8.15 to resolve the issue. As a temporary workaround, consider restricting access to the tag protections UI to minimize the risk of exploitation.