{ "affected": [ { "ranges": [ { "database_specific": { "versions": [ { "introduced": "11.0.0" }, { "fixed": "11.3.11" }, { "introduced": "11.0.0" }, { "fixed": "11.3.11" }, { "introduced": "11.4.0" }, { "fixed": "11.4.8" }, { "introduced": "11.4.0" }, { "fixed": "11.4.8" }, { "introduced": "11.5.0" }, { "fixed": "11.5.1" }, { "introduced": "11.5.0" }, { "fixed": "11.5.1" } ] }, "events": [ { "introduced": "c6f72ac9a88521257991aa9a0cc6d558126f5bb9" }, { "fixed": "97bf583178874e2617c347c33ca30b9b33b97402" }, { "introduced": "c6f72ac9a88521257991aa9a0cc6d558126f5bb9" }, { "fixed": "97bf583178874e2617c347c33ca30b9b33b97402" }, { "introduced": "cfe266cbac3c5d413e9c061fff420630e517005f" }, { "fixed": "966cce5bfe657c7676dcc02125bb89bd3f067887" }, { "introduced": "cfe266cbac3c5d413e9c061fff420630e517005f" }, { "fixed": "966cce5bfe657c7676dcc02125bb89bd3f067887" }, { "introduced": "cb71fca38c3de0c212685f97a46ee8426f63d301" }, { "fixed": "cab68f5d2035026e5e29ef68b79fdfe5ca90f947" }, { "introduced": "cb71fca38c3de0c212685f97a46ee8426f63d301" }, { "fixed": "cab68f5d2035026e5e29ef68b79fdfe5ca90f947" } ], "repo": "https://gitlab.com/gitlab-org/gitlab", "type": "GIT" } ] } ], "details": "An issue was discovered in GitLab Community and Enterprise Edition 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. There is a persistent XSS vulnerability in the environment pages due to a lack of input validation and output encoding.", "id": "CVE-2018-19493", "modified": "2026-04-01T23:10:39.468711815Z", "published": "2019-07-10T15:15:11.320Z", "references": [ { "type": "ADVISORY", "url": "http://www.securityfocus.com/bid/109122" }, { "type": "ADVISORY", "url": "https://about.gitlab.com/2018/11/28/security-release-gitlab-11-dot-5-dot-1-released/" }, { "type": "REPORT", "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/53037" } ], "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "type": "CVSS_V3" } ] }