Stored XSS vulnerability in GitLab CE/EE - CVE-2024-3092 (rpm)ID: oval:org.secpod.oval:def:10000615 | Date: (C)2024-06-05 (M)2024-06-05 |
Class: VULNERABILITY | Family: unix |
The host is installed with GitLab CE/EE 16.9.0 before 16.9.4 or 16.10.0 before 16.10.2 and is prone to a stored XSS vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. On successful exploitation, an attacker may perform arbitrary actions on behalf of victims.
Product: |
gitlab-ce |
gitlab-ee |