First published: Wed Aug 12 2020(Updated: )
In GitLab before 13.0.12, 13.1.6, and 13.2.3, a stored XSS vulnerability exists in the CI/CD Jobs page
Credit: cve@gitlab.com
Affected Software | Affected Version | How to fix |
---|---|---|
GitLab | >=13.0.0<13.0.12 | |
GitLab | >=13.0.0<13.0.12 | |
GitLab | >=13.1.0<13.1.6 | |
GitLab | >=13.1.0<13.1.6 | |
GitLab | >=13.2.0<13.2.3 | |
GitLab | >=13.2.0<13.2.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-13288 has a medium severity rating due to its potential impact through stored XSS attacks.
To fix CVE-2020-13288, upgrade GitLab to version 13.0.12, 13.1.6, or 13.2.3 or later.
CVE-2020-13288 affects GitLab versions prior to 13.0.12, 13.1.6, and 13.2.3.
CVE-2020-13288 is a stored cross-site scripting (XSS) vulnerability.
Detailed information about CVE-2020-13288 can be found in security advisories and GitLab's issue tracker.