Security Advisory

CVE-2025-9222

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-09 10:04:36

Last updated 2026-02-26 15:04:51

Assigner GitLab

State PUBLISHED

Description

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2.2 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an authenticated user to achieve stored cross-site scripting by exploiting GitLab Flavored Markdown.

← Browse all CVEs View on cve.org ↗