Medium severity6.1NVD Advisory· Published Mar 13, 2020· Updated Jun 17, 2026
CVE-2020-10078
CVE-2020-10078
Description
GitLab 12.1 through 12.8.1 allows XSS. The merge request submission form was determined to have a stored cross-site scripting vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- GitLab/GitLabdescription
- Range: 12.1 through 12.8.1
Patches
Vulnerability mechanics
References
2- about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/nvdRelease NotesVendor Advisory
- about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/index.htmlnvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.