CVE-2017-8778
GitLab before 8.14.9, 8.15.x before 8.15.6, and 8.16.x before 8.16.5 has XSS via a SCRIPT element in an issue attachment or avatar that is an SVG document.
| Software | From | Fixed in |
|---|---|---|
| gitlab / gitlab | 8.16.4 | 8.16.4.x |
| gitlab / gitlab | - | 8.14.9.x |
| gitlab / gitlab | 8.15.2 | 8.15.2.x |
| gitlab / gitlab | 8.15.3 | 8.15.3.x |
| gitlab / gitlab | 8.15.5 | 8.15.5.x |
| gitlab / gitlab | 8.16.2 | 8.16.2.x |
| gitlab / gitlab | 8.15.4 | 8.15.4.x |
| gitlab / gitlab | 8.16.1 | 8.16.1.x |
| gitlab / gitlab | 8.15.0 | 8.15.0.x |
| gitlab / gitlab | 8.15.1 | 8.15.1.x |
| gitlab / gitlab | 8.16.0 | 8.16.0.x |
| gitlab / gitlab | 8.16.3 | 8.16.3.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime