Security Advisory

CVE-2025-2443

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-06-20 17:12:54

Last updated 2025-06-20 17:27:26

Assigner GitLab

State PUBLISHED

Description

An issue has been discovered in GitLab EE that allows for cross-site-scripting attack and content security policy bypass in a users browser under specific conditions, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1.

← Browse all CVEs View on cve.org ↗