CVE-2017-0917

CVE-2017-0917

Vendor Gitlab

Product GitLab Community and Enterprise Editions

Weakness CWE-79 · XSS

Published March 21, 2018

Last update August 5, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Gitlab Community Edition version 10.2.4 is vulnerable to lack of input validation in the CI job component resulting in persistent cross site scripting.

Key dates

02Disclosure timeline

March 21, 2018 CVE published

August 5, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2017-0917 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

Identifiers

CVE CVE-2017-0917

CWE CWE-79

Affected versions

Vendor Gitlab

Product GitLab Community and Enterprise Editions

Affected 9.1.0 - 10.1.5 Fixed in 10.1.6

Vendor Gitlab

Product GitLab Community and Enterprise Editions

Affected 10.2.0 - 10.2.5 Fixed in 10.2.6

Vendor Gitlab

Product GitLab Community and Enterprise Editions

Affected 10.3.0 - 10.3.3 Fixed in 10.3.4

01Description

02Disclosure timeline

03References

04Related CVE