CVE-2024-8179

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Dec 12, 2024
CWE ID 79

Summary

CVE-2024-8179 is a vulnerability affecting GitLab Community Edition (CE) and Enterprise Edition (EE), versions 17.3 to 17.4.6, 17.5 to 17.5.4, and 17.6 to 17.6.2. The issue arises from improper output encoding, which may allow Cross-Site Scripting (XSS) attacks. Successful exploitation requires that no Content Security Policy (CSP) protection is in place. GitLab users should update their instances to the fixed versions as soon as possible to mitigate this risk.
