Index: vuln.xml =================================================================== --- vuln.xml +++ vuln.xml @@ -58,6 +58,42 @@ * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> + + Gitlab -- multiple vulnerabilities + + + gitlab + 11.0.011.0.1 + 10.8.010.8.5 + 4.110.7.6 + + + + +

Gitlab reports:

+
+

Wiki XSS

+

Sanitize gem updates

+

XSS in url_for(params)

+

Content injection via username

+

Activity feed publicly displaying internal project names

+

Persistent XSS in charts

+
+ +
+ + CVE-2018-12606 + CVE-2018-3740 + CVE-2018-12605 + CVE-2018-12607 + https://about.gitlab.com/2018/06/25/security-release-gitlab-11-dot-0-dot-1-released/ + + + 2018-06-25 + 2018-06-25 + +
+ phpmyadmin -- remote code inclusion and XSS scripting