CVE-2017-0924

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2017-0924
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-0924.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-0924
Published
2018-03-21T20:29:00.683Z
Modified
2026-04-10T03:54:32.147449Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

Gitlab Community Edition version 10.2.4 is vulnerable to lack of input validation in the labels component resulting in persistent cross site scripting.

References

Affected packages

Git / gitlab.com/gitlab-org/gitlab

Affected ranges

Type
GIT
Repo
https://gitlab.com/gitlab-org/gitlab
Events
Introduced
f33774cb120324d428dabf52c89b8a65e4d4c166
Last affected
9c32fedb6d29601a9cb698a25f8b917724b484b3
Introduced
f33774cb120324d428dabf52c89b8a65e4d4c166
Last affected
9c32fedb6d29601a9cb698a25f8b917724b484b3
Introduced
235b8d50ad14e7cdf4bc61c3df070f38dee97974
Last affected
5a1abb98b40ef0047d634b6ff09c3379da46cff9
Introduced
235b8d50ad14e7cdf4bc61c3df070f38dee97974
Last affected
5a1abb98b40ef0047d634b6ff09c3379da46cff9
Introduced
d90716aff22310b27734df86d287d2cb4084fdbb
Last affected
3ec4b67ffebfd15dd22fca7b35b0405454422df7
Introduced
d90716aff22310b27734df86d287d2cb4084fdbb
Last affected
3ec4b67ffebfd15dd22fca7b35b0405454422df7
Introduced
6369db0196ec7b6e288b16382c95243424a59b62
Last affected
3f64be9aeeb1a8c7c88b50bdf0212118dc265ce6
Introduced
6369db0196ec7b6e288b16382c95243424a59b62
Last affected
3f64be9aeeb1a8c7c88b50bdf0212118dc265ce6
Database specific 
{
    "versions": [
        {
            "introduced": "9.0.0"
        },
        {
            "last_affected": "9.5.10"
        },
        {
            "introduced": "9.0.0"
        },
        {
            "last_affected": "9.5.10"
        },
        {
            "introduced": "10.0.0"
        },
        {
            "last_affected": "10.1.5"
        },
        {
            "introduced": "10.0.0"
        },
        {
            "last_affected": "10.1.5"
        },
        {
            "introduced": "10.2.0"
        },
        {
            "last_affected": "10.2.5"
        },
        {
            "introduced": "10.2.0"
        },
        {
            "last_affected": "10.2.5"
        },
        {
            "introduced": "10.3.0"
        },
        {
            "last_affected": "10.3.3"
        },
        {
            "introduced": "10.3.0"
        },
        {
            "last_affected": "10.3.3"
        }
    ]
}

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-0924.json"