VYPR
Medium severity5.4OSV Advisory· Published Aug 3, 2018· Updated Jun 17, 2026

CVE-2018-12605

CVE-2018-12605

Description

An issue was discovered in GitLab Community Edition and Enterprise Edition 10.7.x before 10.7.6. The usage of 'url_for' contained a XSS issue due to it allowing arbitrary protocols as a parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.