CVE-2019-5467 - AskarLabs CVE Database

CVE-2019-5467

Vendor N/A

Product GitLab CE/EE

Weakness CWE-79 · XSS

Published September 9, 2019

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

An input validation and output encoding issue was discovered in the GitLab CE/EE wiki pages feature which could result in a persistent XSS. This vulnerability was addressed in 12.1.2, 12.0.4, and 11.11.6.

Key dates

02Disclosure timeline

September 9, 2019 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2019-5467 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2024-56020 WordPress SvegliaT Buttons Plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability CVE-2024-13559 TemplatesNext ToolKit <= 3.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2025-12705 Social Reviews & Recommendations <= 2.5 - Unauthenticated Stored Cross-Site Scripting via Social Media Reviews CVE-2026-57320 WordPress BEAR plugin <= 1.1.8 - Cross Site Scripting (XSS) vulnerability CVE-2025-49932 WordPress JetBlog plugin <= 2.4.4.1 - Cross Site Scripting (XSS) vulnerability