VYPR
patch · Published Nov 12, 2025 · Updated May 20, 2026 · 1 source

GitLab Patches Stored XSS in Kubernetes Proxy and Six Other Flaws in November 2025 Security Release

GitLab released versions 18.5.2, 18.4.4, and 18.3.6 on November 12, 2025, fixing seven security vulnerabilities including a high-severity stored cross-site scripting flaw in the Kubernetes proxy functionality.

GitLab released versions 18.5.2, 18.4.4, and 18.3.6 for Community Edition and Enterprise Edition on November 12, 2025, addressing seven security vulnerabilities. The most severe is CVE-2025-11224, a stored cross-site scripting (XSS) vulnerability in the Kubernetes proxy functionality with a CVSS score of 7.7. This flaw affects all GitLab versions from 15.10 through 18.5.1 and could allow an authenticated user to execute stored XSS through improper input validation in the Kubernetes proxy. The vulnerability was reported by researcher joaxcar through GitLab's HackerOne bug bounty program.

The patch release also addresses CVE-2025-11865, an incorrect authorization issue in GitLab EE workflows that could allow a user to remove Duo flows of another user. This internally discovered vulnerability affects GitLab EE versions from 18.1 through 18.5.1 and carries a CVSS score of 6.5. Additionally, CVE-2025-2615 addresses an information disclosure issue in GraphQL subscriptions that could allow a blocked user to access sensitive information by establishing GraphQL subscriptions through WebSocket connections, affecting versions from 16.7 through 18.5.1 with a CVSS score of 4.3.

Several medium and low-severity vulnerabilities were also fixed. CVE-2025-7000 addresses an information disclosure issue in access control that could allow unauthorized users to view confidential branch names by accessing project issues with related merge requests, affecting versions from 17.6 through 18.5.1. CVE-2025-6945 fixes a prompt injection issue in GitLab Duo review that could allow an authenticated user to leak sensitive information from confidential issues by injecting hidden prompts in merge request comments, affecting GitLab EE versions from 17.9 through 18.5.1.

Two additional low-severity issues were patched: CVE-2025-11990, a client-side path traversal issue in branch names affecting GitLab EE versions 18.4 and 18.5, and CVE-2025-6171, an information disclosure issue in the packages API endpoint that could allow an authenticated user with reporter access to view branch names and pipeline details even when repository access was disabled, affecting versions from 13.2 through 18.5.1. CVE-2025-6171 was reported by researcher iamgk808 through the HackerOne program.

GitLab strongly recommends that all self-managed installations upgrade to one of the patched versions immediately. GitLab.com is already running the patched version, and GitLab Dedicated customers do not need to take action. The company follows a regular patch release schedule, with scheduled releases occurring twice a month on the second and fourth Wednesdays, in addition to ad-hoc critical patches for high-severity vulnerabilities.
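For administrators who manage several self-managed instances, the practical follow-up to this advisory is an inventory check: which instances are still on a version affected by any of the seven CVEs, and which patched release each one should move to. The following script is an added example, not GitLab's own tooling; the fixed versions (18.5.2, 18.4.4, 18.3.6) and the per-CVE affected ranges are taken from the release summary above, while the instance version strings fed into it are constructed sample values. It treats a version as clean only when it is at or above the fix for its own minor line, so 18.4.3 and 18.3.5 are reported as affected even though they are "newer" than some fixed versions on older lines.

```python
"""Check self-managed GitLab versions against the November 12, 2025 patch release.

Added example, not GitLab's own code. Fix versions and affected ranges come from
the release summary; the sample instance versions at the bottom are constructed.
"""
from dataclasses import dataclass

# Fixed versions in the November 12, 2025 release, keyed by the minor line they patch.
PATCHED = {
    (18, 5): (18, 5, 2),
    (18, 4): (18, 4, 4),
    (18, 3): (18, 3, 6),
}


@dataclass(frozen=True)
class Advisory:
    cve: str
    first: tuple   # first affected version (inclusive), as stated in the summary
    last: tuple    # last affected version on the newest line (inclusive)
    edition: str   # "CE/EE" if both editions are affected, "EE" if only Enterprise Edition


# Affected ranges as stated in the release summary.
ADVISORIES = [
    Advisory("CVE-2025-11224", (15, 10, 0), (18, 5, 1), "CE/EE"),  # stored XSS, Kubernetes proxy
    Advisory("CVE-2025-11865", (18, 1, 0), (18, 5, 1), "EE"),      # Duo flow removal authz
    Advisory("CVE-2025-2615", (16, 7, 0), (18, 5, 1), "CE/EE"),    # GraphQL subscription disclosure
    Advisory("CVE-2025-7000", (17, 6, 0), (18, 5, 1), "CE/EE"),    # confidential branch names
    Advisory("CVE-2025-6945", (17, 9, 0), (18, 5, 1), "EE"),       # Duo review prompt injection
    Advisory("CVE-2025-11990", (18, 4, 0), (18, 5, 1), "EE"),      # client-side path traversal
    Advisory("CVE-2025-6171", (13, 2, 0), (18, 5, 1), "CE/EE"),    # packages API disclosure
]


def parse_version(s: str) -> tuple:
    """Parse 'MAJOR.MINOR.PATCH' (an optional '-ee'/'-ce' suffix is ignored) into an int tuple."""
    core = s.strip().split("-")[0]
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised GitLab version string: {s!r}")
    return tuple(int(p) for p in parts)


def is_patched(version: tuple) -> bool:
    """True only if the version is at or above the fix for its own minor line."""
    fix = PATCHED.get(version[:2])
    return fix is not None and version >= fix


def outstanding(version: tuple, edition: str = "EE") -> list:
    """Return the CVE ids from this release that still apply to the given version.

    EE-only advisories are skipped for Community Edition instances. Versions on
    lines without a patched release (e.g. 18.2.x) fall inside the affected ranges
    and are therefore reported, which matches the advice to upgrade them.
    """
    if is_patched(version):
        return []
    hits = []
    for adv in ADVISORIES:
        if adv.edition == "EE" and edition != "EE":
            continue
        if adv.first <= version <= adv.last:
            hits.append(adv.cve)
    return hits


def recommended_upgrade(version: tuple) -> str:
    """Name the patched release on this minor line, or the newest one if the line has none."""
    fix = PATCHED.get(version[:2]) or max(PATCHED.values())
    return ".".join(str(n) for n in fix)


if __name__ == "__main__":
    # Constructed sample inventory: (hostname, reported version, edition).
    inventory = [
        ("gitlab-prod.example.internal", "18.5.1-ee", "EE"),
        ("gitlab-staging.example.internal", "18.4.4-ee", "EE"),
        ("gitlab-legacy.example.internal", "17.0.0-ce", "CE"),
        ("gitlab-build.example.internal", "18.2.3-ee", "EE"),
    ]
    for host, raw, edition in inventory:
        v = parse_version(raw)
        cves = outstanding(v, edition)
        status = "patched" if not cves else f"upgrade to {recommended_upgrade(v)}"
        print(f"{host:36} {raw:10} {status:18} {', '.join(cves) or '-'}")
```

Running the script prints one line per instance with the patched release to move to and the CVEs that still apply; an instance on a minor line older than 18.3 is pointed at 18.5.2, since no patched release exists for its own line.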

This release highlights the ongoing security challenges faced by DevOps platforms that integrate multiple services, including Kubernetes proxy functionality and AI-powered features like GitLab Duo. The stored XSS vulnerability in the Kubernetes proxy is particularly concerning given the widespread use of Kubernetes in enterprise environments, where such a flaw could be leveraged for lateral movement or data theft. GitLab's bug bounty program continues to play a crucial role in identifying and responsibly disclosing these vulnerabilities before they can be exploited in the wild.

Synthesized by Vypr AI