CVE-2019-12444

Severity CVSS v4.0:
Pending analysis
Type:
CWE-79 Cross-Site Scripting (XSS)
Publication date:
10/03/2020
Last modified:
10/03/2020

Description

An issue was discovered in GitLab Community and Enterprise Edition 8.9 through 11.11. Wiki Pages contained a lack of input validation which resulted in a persistent XSS vulnerability.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* 8.9.0 (including) 11.11.0 (including)
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* 8.9.0 (including) 11.11.0 (including)