CVE-2024-8312

Published: 2024-10-24T10:15Z

Last Modified: 2024-12-13T15:43Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 before 17.3.6, 17.4 before 17.4.3, and 17.5 before 17.5.1. An attacker could inject HTML into the Global Search field on a diff view leading to XSS. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt