Vulnerabilities > Gitlab > Gitlab > 11.11.6

DATE CVE VULNERABILITY TITLE RISK
2019-09-09 CVE-2019-5471 Cross-site Scripting vulnerability in Gitlab
An input validation and output encoding issue was discovered in the GitLab email notification feature which could result in a persistent XSS.
network
low complexity
gitlab CWE-79
5.4
5.4
2019-09-09 CVE-2019-5467 Cross-site Scripting vulnerability in Gitlab
An input validation and output encoding issue was discovered in the GitLab CE/EE wiki pages feature which could result in a persistent XSS.
network
low complexity
gitlab CWE-79
5.4
5.4
2019-09-09 CVE-2019-5463 Missing Authorization vulnerability in Gitlab
An authorization issue was discovered in the GitLab CE/EE CI badge images endpoint which could result in disclosure of the build status.
network
low complexity
gitlab CWE-862
5.3
5.3
2019-09-09 CVE-2019-5461 Improper Input Validation vulnerability in Gitlab
An input validation problem was discovered in the GitHub service integration which could result in an attacker being able to make arbitrary POST requests in a GitLab instance's internal network.
network
low complexity
gitlab CWE-20
4.0
4.0