cbcvebase.
CVE-2017-0924
published 2018-03-21

CVE-2017-0924: Gitlab Community Edition version 10.2.4 is vulnerable to lack of input validation in the labels component resulting in persistent cross site scripting.

medium6.1CVSS 3.0
AVNACLPRNUIRSCCLILAN
Gitlab Community Edition version 10.2.4 is vulnerable to lack of input validation in the labels component resulting in persistent cross site scripting.

Affected

10 ranges
VendorProductVersion rangeFixed in
debiangitlab< gitlab 10.5.5+dfsg-1 (sid)gitlab 10.5.5+dfsg-1 (sid)
gitlabgitlab
gitlabgitlab10.0.0 – 10.1.5
gitlabgitlab10.2.0 – 10.2.5
gitlabgitlab10.3.0 – 10.3.3
gitlabgitlab9.0.0 – 9.5.10
gitlabgitlab_community_and_enterprise_editions
gitlabgitlab_community_and_enterprise_editions
gitlabgitlab_community_and_enterprise_editions
gitlabgitlab_community_and_enterprise_editions