cbcvebase.
CVE-2017-0917
published 2018-03-21

CVE-2017-0917: Gitlab Community Edition version 10.2.4 is vulnerable to lack of input validation in the CI job component resulting in persistent cross site scripting.

medium6.1CVSS 3.0
AVNACLPRNUIRSCCLILAN
Gitlab Community Edition version 10.2.4 is vulnerable to lack of input validation in the CI job component resulting in persistent cross site scripting.

Affected

9 ranges
VendorProductVersion rangeFixed in
debiandebian_linux
debiangitlab< gitlab 10.5.5+dfsg-1 (sid)gitlab 10.5.5+dfsg-1 (sid)
gitlabgitlab
gitlabgitlab10.1.0 – 10.1.5
gitlabgitlab10.2.0 – 10.2.5
gitlabgitlab10.3.0 – 10.3.3
gitlabgitlab_community_and_enterprise_editions
gitlabgitlab_community_and_enterprise_editions
gitlabgitlab_community_and_enterprise_editions