PT-2019-14360 · Gitlab · Gitlab Ce/Ee+1
Samuel Mortenson
·
Published
2019-09-16
·
Updated
2019-09-17
·
CVE-2019-15739
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
GitLab Community and Enterprise Edition versions 8.1 through 12.2.1
Description
An issue was discovered where certain areas displaying Markdown were not properly sanitizing some XSS payloads.
Recommendations
For GitLab Community and Enterprise Edition versions 8.1 through 12.2.1, update to a version that contains a fix for this issue.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Gitlab
Gitlab Ce/Ee