XSS Vulnerability in GitLab CE/EE OAuth Authorization Page

XSS Vulnerability in GitLab CE/EE OAuth Authorization Page

CVE-2018-19574 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

GitLab CE/EE, versions 7.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in the OAuth authorization page.

Learn more about our Web Application Penetration Testing UK.