| Max CVSS | 5.0 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-3740 | 5.0 |
A specially crafted HTML fragment can cause Sanitize gem for Ruby to allow non-whitelisted attributes to be used on a whitelisted HTML element.
|
28-12-2018 - 16:29 | 30-03-2018 - 19:29 | |
| CVE-2018-12606 | 3.5 |
An issue was discovered in GitLab Community Edition and Enterprise Edition before 10.7.6, 10.8.x before 10.8.5, and 11.x before 11.0.1. The wiki contains a persistent XSS issue due to a lack of output encoding affecting a specific markdown feature.
|
03-10-2018 - 17:36 | 03-08-2018 - 18:29 | |
| CVE-2018-12607 | 3.5 |
An issue was discovered in GitLab Community Edition and Enterprise Edition before 10.7.6, 10.8.x before 10.8.5, and 11.x before 11.0.1. The charts feature contained a persistent XSS issue due to a lack of output encoding.
|
03-10-2018 - 17:36 | 03-08-2018 - 18:29 | |
| CVE-2018-12605 | 3.5 |
An issue was discovered in GitLab Community Edition and Enterprise Edition 10.7.x before 10.7.6. The usage of 'url_for' contained a XSS issue due to it allowing arbitrary protocols as a parameter.
|
03-10-2018 - 17:35 | 03-08-2018 - 18:29 |