Page 119 of 625 results (0.010 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

An issue was discovered in GitLab Community and Enterprise Edition 11.1.x before 11.1.2. A Denial of Service can occur because Markdown rendering times are slow. Se ha descubierto un problema en las ediciones Community y Enterprise de GitLab en versiones 11.1.x anteriores a la 11.1.2. Puede ocurrir una denegación de servicio (DoS) porque los tiempos de renderizado de Markdown son lentos. • https://about.gitlab.com/2018/07/26/security-release-gitlab-11-dot-1-dot-2-released https://gitlab.com/gitlab-org/gitlab-ce/issues/49409 •

CVSS: 5.4EPSS: 0%CPEs: 6EXPL: 0

An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. XSS can occur in the branch name during a Web IDE file commit. Se ha descubierto un problema en las ediciones Community y Enterprise de GitLab, en versiones anteriores a la 10.8.7, versiones 11.0.x anteriores a la 11.0.5 y versiones 11.1.x anteriores a la 11.1.2. Puede ocurrir Cross-Site Scripting (XSS) en el nombre de branch durante un commit de archivo IDE web. • https://about.gitlab.com/2018/07/26/security-release-gitlab-11-dot-1-dot-2-released https://gitlab.com/gitlab-org/gitlab-ce/issues/47793 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0

An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. CSRF can occur in the Test feature of the System Hooks component. Se ha descubierto un problema en las ediciones Community y Enterprise de GitLab, en versiones anteriores a la 10.8.7, versiones 11.0.x anteriores a la 11.0.5 y versiones 11.1.x anteriores a la 11.1.2. Puede ocurrir Cross-Site Request Forgery (CSRF) en la característica Test del componente System Hooks. • https://about.gitlab.com/2018/07/26/security-release-gitlab-11-dot-1-dot-2-released • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0

An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. XSS can occur in the tooltip of the job inside the CI/CD pipeline. Se ha descubierto un problema en las ediciones Community y Enterprise de GitLab, en versiones anteriores a la 10.8.7, versiones 11.0.x anteriores a la 11.0.5 y versiones 11.1.x anteriores a la 11.1.2. Puede ocurrir Cross-Site Scripting (XSS) en el tooltip del job dento del pipeline CI/CD. • https://about.gitlab.com/2018/07/26/security-release-gitlab-11-dot-1-dot-2-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 6EXPL: 1

An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. XSS can occur via a Milestone name during a promotion. Se ha descubierto un problema en las ediciones Community y Enterprise de GitLab, en versiones anteriores a la 10.8.7, versiones 11.0.x anteriores a la 11.0.5 y versiones 11.1.x anteriores a la 11.1.2. Puede ocurrir Cross-Site Scripting (XSS) mediante un nombre Milestone durante una promoción. • https://about.gitlab.com/2018/07/26/security-release-gitlab-11-dot-1-dot-2-released https://gitlab.com/gitlab-org/gitlab-ce/issues/48617 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •