CVE-2024-8312 - GitLab XSS Injection via Global Search Field

1 month ago 15
ARTICLE AD BOX
CVE ID : CVE-2024-8312
Published : Oct. 24, 2024, 10:15 a.m. | 24 minutes ago
Description : An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 before 17.3.6, 17.4 before 17.4.3, and 17.5 before 17.5.1. An attacker could inject HTML into the Global Search field on a diff view leading to XSS.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Read Entire Article