Overview
- Description
- An issue has been discovered in GitLab CE/EE affecting all versions from 16 before 17.3.7, 17.4 before 17.4.4, and 17.5 before 17.5.2. The vulnerability could allow an attacker to inject malicious JavaScript code in Analytics Dashboards through a specially crafted URL.
- Source
- cve@gitlab.com
- NVD status
- Awaiting Analysis
Risk scores
CVSS 3.1
- Type
- Secondary
- Base score
- 6.1
- Impact score
- 2.7
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
- Severity
- MEDIUM
Weaknesses
- cve@gitlab.com
- CWE-79
Social media
- Hype score
- Not currently trending
Threat Alert: CVE-2024-9693: GitLab Issues Critical Patch for Kubernetes Agent CVE-2024-9693 CVE-2024-7404 CVE-2024-8648 Severity: ⚠️ Critical Maturity: 🧨 Trending Learn more: https://t.co/KXrmGu6Z1O #CyberSecurity #ThreatIntel #InfoSec
@fletch_ai
15 Nov 2024
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-8648 An issue has been discovered in GitLab CE/EE affecting all versions from 16 before 17.3.7, 17.4 before 17.4.4, and 17.5 before 17.5.2. The vulnerability could allow an … https://t.co/DkDJRij4Pd
@CVEnew
14 Nov 2024
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes