PT-2024-39238 · Github · Github Enterprise Server

R31N · Published 2024-09-23 · Updated 2024-11-11 · CVE-2024-8770

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.10.17; GitHub Enterprise Server versions prior to 3.11.15; GitHub Enterprise Server versions prior to 3.12.9; GitHub Enterprise Server versions prior to 3.13.4; GitHub Enterprise Server versions prior to 3.14.1.
Description: A Cross-Site Scripting (XSS) issue was identified in the repository transfer feature of GitHub Enterprise Server. This allows attackers to steal sensitive user information via social engineering.
Recommendations: For versions prior to 3.10.17, update to version 3.10.17 or later. For versions prior to 3.11.15, update to version 3.11.15 or later. For versions prior to 3.12.9, update to version 3.12.9 or later. For versions prior to 3.13.4, update to version 3.13.4 or later. For versions prior to 3.14.1, update to version 3.14.1 or later.

Fix

XSS

Weakness Enumeration

Related Identifiers: CVE-2024-8770

Affected Products: Github Enterprise Server