Description
Cross-site scripting (XSS) vulnerability in GitLab Enterprise Edition (EE) 6.6.0 before 6.6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.gitlab.com/2014/02/27/gitlab-ee-6-6-2-security-release/
Scores
EPSS
0.0008
EPSS Percentile
23.4%
Details
CWE
CWE-79
Status
published
Products (2)
gitlab/gitlab
6.6.0
gitlab/gitlab
6.6.1
Published
May 13, 2014
Tracked Since
Feb 18, 2026