CVE-2026-13320 - CERT CVE
ID CVE-2026-13320
Sažetak GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.7 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to execute arbitrary scripts in another user's browser session due to improper sanitization of user-supplied input.
Reference
CVSS
Base: 7.3
Impact: 5.8
Exploitability:1.0
Pristup
VektorSloženostAutentikacija
NETWORK HIGH HIGH
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH NONE
CVSS vektor CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N
Zadnje važnije ažuriranje 08-07-2026 - 21:16
Objavljeno 08-07-2026 - 21:16