Vulnerabilities > Gitlab > Gitlab > 12.10.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-10-07 | CVE-2020-13334 | Incorrect Authorization vulnerability in Gitlab In GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, improper authorization checks allow a non-member of a project/group to change the confidentiality attribute of issue via mutation GraphQL query | 5.0 |
2020-10-06 | CVE-2020-13343 | Exposure of Resource to Wrong Sphere vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 11.2. | 4.0 |
2020-10-06 | CVE-2020-13345 | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 10.8. | 3.5 |
2020-10-02 | CVE-2020-13338 | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting versions prior to 12.10.13, 13.0.8, 13.1.2. | 3.5 |
2020-10-02 | CVE-2020-13337 | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting versions from 12.10 to 12.10.12 that allowed for a stored XSS payload to be added as a group name. | 3.5 |
2020-09-30 | CVE-2020-13336 | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting versions from 11.8 before 12.10.13. | 3.5 |
2020-09-30 | CVE-2020-13331 | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting versions prior to 12.10.13. | 3.5 |
2020-09-30 | CVE-2020-13330 | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting versions prior to 12.10.13. | 3.5 |
2020-09-30 | CVE-2020-13329 | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting versions from 12.6.2 prior to 12.10.13. | 3.5 |
2020-09-30 | CVE-2020-13328 | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting versions prior to 13.1.2, 13.0.8 and 12.10.13. | 3.5 |