CVE-2018-14604

MEDIUM

GitLab <10.8.7, <11.0.5, <11.1.2 - XSS

Title source: llm
STIX 2.1

Description

An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. XSS can occur in the tooltip of the job inside the CI/CD pipeline.

References (1)

Core 1
Core References

Scores

CVSS v3 6.1
EPSS 0.0074
EPSS Percentile 50.5%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (1)
gitlab/gitlab < 10.8.7 (2 CPE variants)
Published Jul 27, 2018
Tracked Since Feb 18, 2026