KEVIntel
Back to KEVs
6.1
CVSS
Medium

CVE-2018-10379

PUBLISHED

An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) before 10.5.8, 10.6.x before 10.6.5, and 10.7.x before 10.7.2....

Exploited in the wild Remote Low complexity
Vendor
GitLab
Product
GitLab Community Edition (CE), GitLab Enterprise Edition (EE)
Published
May 31, 2018
EPSS

Description

An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) before 10.5.8, 10.6.x before 10.6.5, and 10.7.x before 10.7.2. The Move Issue feature contained a persistent XSS vulnerability.

CVSS scores

CVSS v3.0 6.1 Medium

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS v2.0 4.3

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitation status

Exploited in the wild

Recorded 2025-04-23 21:33:20 UTC · Source

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source Added
The Shadowserver (via CIRCL) Apr 23, 2025

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel