CVE-2019-19311

CVE-2019-19311

EPSS 0.7%

GitLab EE 8.14 through 12.5, 12.4.3, and 12.3.6 allows XSS in group and profile fields.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/https://about.gitlab.com/blog/categories/releases/https://gitlab.com/gitlab-org/gitlab/issues/31536