Vulnerabilities > Gitlab > Gitlab > 12.1.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-09-09 | CVE-2019-5471 | Cross-site Scripting vulnerability in Gitlab An input validation and output encoding issue was discovered in the GitLab email notification feature which could result in a persistent XSS. | 5.4 |
2019-09-09 | CVE-2019-5467 | Cross-site Scripting vulnerability in Gitlab An input validation and output encoding issue was discovered in the GitLab CE/EE wiki pages feature which could result in a persistent XSS. | 5.4 |
2019-09-09 | CVE-2019-5463 | Missing Authorization vulnerability in Gitlab An authorization issue was discovered in the GitLab CE/EE CI badge images endpoint which could result in disclosure of the build status. | 5.3 |
2019-09-09 | CVE-2019-5461 | Improper Input Validation vulnerability in Gitlab An input validation problem was discovered in the GitHub service integration which could result in an attacker being able to make arbitrary POST requests in a GitLab instance's internal network. | 4.0 |
2019-08-29 | CVE-2019-14943 | Use of Hard-coded Credentials vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 12.0 through 12.1.4. | 7.5 |