XSS Vulnerability in GitLab CE/EE Markdown Fields via Mermaid
CVE-2018-19573 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
GitLab CE/EE, versions 10.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in Markdown fields via Mermaid.
Learn more about our Web Application Penetration Testing UK.