CVE-2019-10111

  • Published Date: Wed 15 May 2019
  • Last Modified Date: Thu 16 May 2019

An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. It allows persistent XSS in the merge request "resolve conflicts" page.

Impact

Severity: LOW
Exploitability Score: 6.8
Impact Score: 2.9
Attack Vector (AV): NETWORK
Attack Complexity (AC): MEDIUM
Privileges Required (PR): SINGLE
Availability (A): NONE

References (Advisories, Solutions, and Tools):



Note: This page is generated by our securitybot and has not been checked for errors. Feed Source: NVD