CVE-2013-7316
published 2014-01-24CVE-2013-7316: Cross-site scripting (XSS) vulnerability in GitLab 6.0 and other versions before 6.5.0 allows remote attackers to inject arbitrary web script or HTML via a…
PriorityP421medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
1.91%
77.3th percentile
Cross-site scripting (XSS) vulnerability in GitLab 6.0 and other versions before 6.5.0 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML file, as demonstrated by README.html.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gitlab | — | — |
| gitlab | gitlab | — | — |
| gitlab | gitlab | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
vendor_debian4.3LOW
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-pjvm-3x7g-4998: Cross-site scripting (XSS) vulnerability in GitLab 6
ghsa_unreviewed·2022-05-14
CVE-2013-7316 [MEDIUM] CWE-79 GHSA-pjvm-3x7g-4998: Cross-site scripting (XSS) vulnerability in GitLab 6
Cross-site scripting (XSS) vulnerability in GitLab 6.0 and other versions before 6.5.0 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML file, as demonstrated by README.html.
GitLab
CVE-2013-7316: Cross-site scripting (XSS) vulnerability in GitLab 6.0 and other versions before 6.5.0 allows remote attackers to inject arbitrary web script or HTML
vendor_gitlab·2014-01-24·CVSS 4.3
CVE-2013-7316 [MEDIUM] CWE-79 CVE-2013-7316: Cross-site scripting (XSS) vulnerability in GitLab 6.0 and other versions before 6.5.0 allows remote attackers to inject arbitrary web script or HTML
CVE-2013-7316: Cross-site scripting (XSS) vulnerability in GitLab 6.0 and other versions before 6.5.0 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML file, as demonstrated by README.html.
Debian
CVE-2013-7316: gitlab - Cross-site scripting (XSS) vulnerability in GitLab 6.0 and other versions before...
vendor_debian·2013·CVSS 4.3
CVE-2013-7316 [MEDIUM] CVE-2013-7316: gitlab - Cross-site scripting (XSS) vulnerability in GitLab 6.0 and other versions before...
Cross-site scripting (XSS) vulnerability in GitLab 6.0 and other versions before 6.5.0 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML file, as demonstrated by README.html.
Scope: local
sid: resolved
No detection rules found.
No writeups or analysis indexed.
http://www.exploit-db.com/exploits/30329http://www.securityfocus.com/bid/64490https://exchange.xforce.ibmcloud.com/vulnerabilities/89932https://www.gitlab.com/2014/01/30/xss-vulnerability-in-gitlab/http://www.exploit-db.com/exploits/30329http://www.securityfocus.com/bid/64490https://exchange.xforce.ibmcloud.com/vulnerabilities/89932https://www.gitlab.com/2014/01/30/xss-vulnerability-in-gitlab/
2014-01-24
Published