Page 106 of 1052 results (0.008 seconds)

CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 1

CVE-2018-9244

https://notcve.org/view.php?id=CVE-2018-9244

05 Apr 2018 — GitLab Community and Enterprise Editions version 9.2 up to 10.4 are vulnerable to XSS because a lack of input validation in the milestones component leads to cross site scripting (specifically, data-milestone-id in the milestone dropdown feature). This is fixed in 10.6.3, 10.5.7, and 10.4.7. Las ediciones Community y Enterprise de GitLab, de la versión 9.2 hasta la 10.4, son vulnerables a Cross-Site Scripting (XSS) debido a la falta de validación de entradas en el componente milestones que desemboca en Cros... • https://about.gitlab.com/2018/04/04/security-release-gitlab-10-dot-6-dot-3-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 1

CVE-2018-9243

https://notcve.org/view.php?id=CVE-2018-9243

05 Apr 2018 — GitLab Community and Enterprise Editions version 8.4 up to 10.4 are vulnerable to XSS because a lack of input validation in the merge request component leads to cross site scripting (specifically, filenames in changes tabs of merge requests). This is fixed in 10.6.3, 10.5.7, and 10.4.7. Las ediciones Community y Enterprise de GitLab, de la versión 8.4 hasta la 10.4, son vulnerables a Cross-Site Scripting (XSS) debido a la falta de validación de entradas en el componente merge request que desemboca en Cross-... • https://about.gitlab.com/2018/04/04/security-release-gitlab-10-dot-6-dot-3-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •