Security Advisory

CVE-2020-13262

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-06-19 21:59:20

Last updated 2024-08-04 12:11:19

Assigner GitLab

State PUBLISHED

Description

Client-Side code injection through Mermaid markup in GitLab CE/EE 12.9 and later through 13.0.1 allows a specially crafted Mermaid payload to PUT requests on behalf of other users via clicking on a link

← Browse all CVEs View on cve.org ↗