vulnerability

FreeBSD: VID-4ffcccae-e924-11ed-9c88-001b217b3468 (CVE-2023-1836): Gitlab -- Multiple Vulnerabilities

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:H/Au:S/C:P/I:P/A:N)

Published

May 2, 2023

Added

May 3, 2023

Modified

Jun 15, 2026

Description

A cross-site scripting issue has been discovered in GitLab affecting all versions starting from 5.1 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. When viewing an XML file in a repository in "raw" mode, it can be made to render as HTML if viewed under specific circumstances

Solution

freebsd-upgrade-package-gitlab-ce

References

CVE-2023-1836
https://attackerkb.com/topics/CVE-2023-1836
CWE-79
EUVD-EUVD-2023-24038
https://euvd.enisa.europa.eu/vulnerability/EUVD-2023-24038

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report