XSS Vulnerability in GitLab CE/EE Markdown Fields via Unrecognized HTML Tags
CVE-2018-19570 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
GitLab CE/EE, versions 11.3 before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in Markdown fields via unrecognized HTML tags.
Learn more about our Web Application Penetration Testing UK.