CVE-2018-19359 - Unspecified vulnerability in Gitlab
Attack vector | NETWORK |
Attack complexity | LOW |
Privileges required | LOW |
Confidentiality impact | HIGH |
Integrity impact | HIGH |
Availability impact | HIGH |
Summary
GitLab Community and Enterprise Edition 8.9 and later and before 11.5.0-rc12, 11.4.6, and 11.3.10 has Incorrect Access Control.
Vulnerable Configurations
Nessus
NASL family | FreeBSD Local Security Checks |
NASL id | FREEBSD_PKG_D889D32CECD911E89416001B217B3468.NASL |
description | Gitlab reports: Persistent XSS Autocompletion; Unauthorized service template creation |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 119058 |
published | 2018-11-21 |
reporter | This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/119058 |
title | FreeBSD : Gitlab -- Multiple vulnerabilities (d889d32c-ecd9-11e8-9416-001b217b3468) |
References
- https://about.gitlab.com/2018/11/19/critical-security-release-gitlab-11-dot-4-dot-6-released/
- https://about.gitlab.com/blog/categories/releases/
- https://gitlab.com/gitlab-org/gitlab-ce/issues/54189