Vulnerabilities > Gitlab > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-10-02 CVE-2020-13337 Cross-site Scripting vulnerability in Gitlab
An issue has been discovered in GitLab affecting versions from 12.10 to 12.10.12 that allowed for a stored XSS payload to be added as a group name.
network
low complexity
gitlab CWE-79
4.8
4.8
2020-09-30 CVE-2020-13336 Cross-site Scripting vulnerability in Gitlab
An issue has been discovered in GitLab affecting versions from 11.8 before 12.10.13.
network
low complexity
gitlab CWE-79
4.8
4.8
2020-09-30 CVE-2020-13331 Cross-site Scripting vulnerability in Gitlab
An issue has been discovered in GitLab affecting versions prior to 12.10.13.
network
low complexity
gitlab CWE-79
5.4
5.4
2020-09-30 CVE-2020-13330 Cross-site Scripting vulnerability in Gitlab
An issue has been discovered in GitLab affecting versions prior to 12.10.13.
network
low complexity
gitlab CWE-79
5.4
5.4
2020-09-30 CVE-2020-13329 Cross-site Scripting vulnerability in Gitlab
An issue has been discovered in GitLab affecting versions from 12.6.2 prior to 12.10.13.
network
low complexity
gitlab CWE-79
6.5
6.5
2020-09-30 CVE-2020-13328 Cross-site Scripting vulnerability in Gitlab
An issue has been discovered in GitLab affecting versions prior to 13.1.2, 13.0.8 and 12.10.13.
network
low complexity
gitlab CWE-79
4.8
4.8
2020-09-30 CVE-2020-13326 Unspecified vulnerability in Gitlab
A vulnerability was discovered in GitLab versions prior to 13.1.
network
low complexity
gitlab
4.3
4.3
2020-09-30 CVE-2020-13324 Unspecified vulnerability in Gitlab
A vulnerability was discovered in GitLab versions prior to 13.1.
network
low complexity
gitlab
6.5
6.5
2020-09-30 CVE-2020-13320 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab before version 12.10.13 that allowed a project member with limited permissions to view the project security dashboard.
network
low complexity
gitlab
6.5
6.5
2020-09-30 CVE-2020-13319 Missing Authorization vulnerability in Gitlab
An issue has been discovered in GitLab affecting versions prior to 13.1.2, 13.0.8 and 12.10.13.
network
low complexity
gitlab CWE-862
4.3
4.3