CVE-2024-4207

NVD Published Date: August 08, 2024 at 11:15 AM
NVD Last Modified: August 29, 2024 at 03:46 PM
Download Patch
Vulnerability ID
CVE-2024-4207
Severity
MEDIUM
Severity Score
5.4
Summary
A cross-site scripting issue has been discovered in GitLab affecting all versions starting from 5.1 prior 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2. When viewing an XML file in a repository in raw mode, it can be made to render as HTML if viewed under specific circumstances.
Mitigation and Patches
-
Exploits
-
Metasploit Payload
-
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CWE ID
CWE-79

Recent Publish

CVE-2024-2800

CVE-2024-3114

CVE-2024-7348

CVE-2024-3659

2024-07 Dynamic Cumulative Update for Windows 10 Version 21H2 for ARM64-based Systems (KB5040427)

2024-07 Dynamic Cumulative Update for Windows 10 Version 21H2 for x64-based Systems (KB5040427)

See SecOps Solution
in action

Schedule Demo