Vulnerabilities > Gitlab > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-05-12 | CVE-2013-4580 | Improper Authentication vulnerability in Gitlab GitLab before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1, when using a MySQL backend, allows remote attackers to impersonate arbitrary users and bypass authentication via unspecified API calls. | 6.8 |
2014-01-24 | CVE-2013-7316 | Cross-Site Scripting vulnerability in Gitlab 6.0.0 Cross-site scripting (XSS) vulnerability in GitLab 6.0 and other versions before 6.5.0 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML file, as demonstrated by README.html. | 4.3 |