GitLab Community Edition (CE) and Enterprise Edition (EE) versions 10.0.4, 9.5.9 and 9.4.7 were released.
These versions contain several security fixes: two persistent cross-site scripting (XSS) vulnerabilities, an open redirect vulnerability, a username-change issue that could leave repositories behind, an information leak that could reveal confidential issue names, and security updates for Ruby and libxml2.
Cross-site scripting (XSS) vulnerability in the Markdown editor
- The filter did not properly strip invalid characters from URL schemes and was therefore vulnerable to persistent XSS anywhere Markdown is rendered. #38267
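As an added illustration of this bug class (example code written for this page, not GitLab's filter), the snippet below contrasts a scheme allowlist that inspects the raw href with one that first strips the characters a browser's URL parser discards; the allowlist, helper names and sample hrefs are assumptions constructed for the example.

```ruby
# Added example, not GitLab's code. Shows why a link-scheme allowlist must
# normalize the href the way a browser does before deciding it is safe.

SAFE_SCHEMES = %w[http https mailto].freeze

# Characters a browser's URL parser discards before reading the scheme:
# ASCII tab/newline anywhere, plus leading/trailing C0 controls and spaces.
def normalize_url(url)
  url.gsub(/[\t\n\r]/, '').gsub(/\A[\x00-\x20]+|[\x00-\x20]+\z/, '')
end

# Extracts the scheme ("https" in "https://...") or nil for a relative link.
def scheme_of(url)
  url[/\A([a-z][a-z0-9+.\-]*):/i, 1]
end

# Naive check: reads the raw string. A tab or leading space in the scheme
# makes it look like a relative link, so the href is allowed through.
def naive_safe_href?(url)
  scheme = scheme_of(url)
  scheme.nil? || SAFE_SCHEMES.include?(scheme.downcase)
end

# Hardened check: normalize first, then require an allowlisted scheme.
def hardened_safe_href?(url)
  scheme = scheme_of(normalize_url(url))
  return true if scheme.nil? # genuinely relative link
  SAFE_SCHEMES.include?(scheme.downcase)
end

# Constructed sample hrefs for demonstration.
SAMPLES = [
  'https://example.com/',
  '/relative/path',
  "java\tscript:void(0)",   # invalid character inside the scheme
  ' javascript:void(0)'     # leading space hides the scheme
].freeze

if $PROGRAM_NAME == __FILE__
  SAMPLES.each do |href|
    puts format('%-26p naive=%-5s hardened=%s',
                href, naive_safe_href?(href), hardened_safe_href?(href))
  end
end
```

The two malformed samples pass the naive check and fail the hardened one, which is the difference the fix in #38267 makes.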
Cross-site scripting (XSS) vulnerability in the search bar
- Usernames were not correctly HTML-escaped in the search filter, allowing arbitrary script execution. #37715
Cross-Site Scripting (XSS) vulnerability in markdown
- GitLab CE + EE 2.8.0-9.4.6, 9.5.0-9.5.8, 10.0.0-10.0.3
Cross-Site Scripting (XSS) vulnerability in search bar
- GitLab CE + EE 9.3.0-9.4.6, 9.5.0-9.5.8, 10.0.0-10.0.3
Open redirect in repository git redirects
- GitLab CE + EE 9.2.0-9.4.6, 9.5.0-9.5.8, 10.0.0-10.0.3
Username changes could leave repositories behind
- GitLab CE + EE 9.5.0-9.5.8, 10.0.0-10.0.3
Confidential issue names could leak in “related issues” feature
- GitLab EE 9.4.0-9.4.6, 9.5.0-9.5.8, 10.0.0-10.0.3
- GitLab CE + EE 8.14.0-9.4.6, 9.5.0-9.5.8, 10.0.0-10.0.3
- GitLab CE + EE 1.1.1-9.4.6, 9.5.0-9.5.8, 10.0.0-10.0.3