CVE-2014-3456

MEDIUM

Cross-site scripting (XSS) vulnerability in GitLab Enterprise Edition (EE) 6.6.0 before 6.6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS v2.0 Score

4.3

/ 10.0

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:N

Information

Published: 13 mai 2014
Updated: 12 avr. 2025
Status: Deferred
Source: cve@mitre.org

Affected products

gitlab gitlab

Versions : 6.6.0, 6.6.1

Weaknesses (CWE)

CWE-79

References (2)

https://www.gitlab.com/2014/02/27/gitlab-ee-6-6-2-security-release/
Vendor Advisory
https://www.gitlab.com/2014/02/27/gitlab-ee-6-6-2-security-release/
Vendor Advisory

Similar CVEs

Other vulnerabilities of type CWE-79

Loading…

Monitor your products

Get automatic alerts for every new CVE affecting your equipment.

Enable monitoring