Back to KEVs

CVE-2018-10379

An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) before 10.5.8, 10.6.x before 10.6.5, and 10.7.x before 10.7.2....

Basic Information

CVE State
PUBLISHED
Reserved Date
April 25, 2018
Published Date
May 31, 2018
Last Updated
August 05, 2024
Vendor
n/a
Product
n/a
Description
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) before 10.5.8, 10.6.x before 10.6.5, and 10.7.x before 10.7.2. The Move Issue feature contained a persistent XSS vulnerability.

CVSS Scores

EPSS Score

Score
0.06% (Percentile: 19.61%) as of 2025-04-29

Exploit Status

Exploited in the Wild
Yes (added 2025-04-23 21:33:20 UTC) Source

References

https://about.gitlab.com/2018/04/30/security-release-gitlab-10-dot-7-dot-2-released/ http://www.securityfocus.com/bid/104491

Known Exploited Vulnerability Information

Source Added Date
The Shadowserver (via CIRCL) 2025-04-23 21:33:20 UTC