Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2024-7047

A cross site scripting vulnerability exists in GitLab CE/EE affecting all versions from 16.6 prior to 17.0.5, 17.1 prior to 17.1.3, 17.2 prior to 17.2.1 allowing an attacker to execute arbitrary scripts under the context of the current logged in user.

  • Published: Jul 25, 2024
  • Updated: Aug 27, 2024
  • CVE: CVE-2024-7047
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.4
  • AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
gitlab / gitlab 7.2.0 7.2.0.x
gitlab / gitlab 17.1.0 17.1.3
gitlab / gitlab 16.6.0 17.0.5