Vulnerability Database

289,871

Total vulnerabilities in the database

CVE-2019-6781

An Improper Input Validation issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It was possible to use the profile name to inject a potentially malicious link into notification emails.

  • Published: May 17, 2019
  • Updated: Apr 13, 2023
  • CVE: CVE-2019-6781
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:P/A:N

CWEs:

Software From Fixed in
gitlab / gitlab 11.6.0 11.6.8
gitlab / gitlab 11.7.0 11.7.3
gitlab / gitlab 11.5.0 11.5.10