{ "affected": [ { "ranges": [ { "database_specific": { "versions": [ { "introduced": "7.6.0" }, { "fixed": "11.3.11" }, { "introduced": "7.6.0" }, { "fixed": "11.3.11" }, { "introduced": "11.4.0" }, { "fixed": "11.4.8" }, { "introduced": "11.4.0" }, { "fixed": "11.4.8" }, { "introduced": "11.5.0" }, { "fixed": "11.5.1" }, { "introduced": "11.5.0" }, { "fixed": "11.5.1" } ] }, "events": [ { "introduced": "6a285e2d0d20ee7f64dd836a1f7a02b873338fc5" }, { "fixed": "97bf583178874e2617c347c33ca30b9b33b97402" }, { "introduced": "6a285e2d0d20ee7f64dd836a1f7a02b873338fc5" }, { "fixed": "97bf583178874e2617c347c33ca30b9b33b97402" }, { "introduced": "cfe266cbac3c5d413e9c061fff420630e517005f" }, { "fixed": "966cce5bfe657c7676dcc02125bb89bd3f067887" }, { "introduced": "cfe266cbac3c5d413e9c061fff420630e517005f" }, { "fixed": "966cce5bfe657c7676dcc02125bb89bd3f067887" }, { "introduced": "cb71fca38c3de0c212685f97a46ee8426f63d301" }, { "fixed": "cab68f5d2035026e5e29ef68b79fdfe5ca90f947" }, { "introduced": "cb71fca38c3de0c212685f97a46ee8426f63d301" }, { "fixed": "cab68f5d2035026e5e29ef68b79fdfe5ca90f947" } ], "repo": "https://gitlab.com/gitlab-org/gitlab", "type": "GIT" } ] } ], "details": "GitLab CE/EE, versions 7.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in the OAuth authorization page.", "id": "CVE-2018-19574", "modified": "2026-03-13T21:48:36.197938170Z", "published": "2019-07-10T16:15:10.867Z", "references": [ { "type": "ADVISORY", "url": "http://www.securityfocus.com/bid/109163" }, { "type": "ADVISORY", "url": "https://about.gitlab.com/2018/11/28/security-release-gitlab-11-dot-5-dot-1-released/" }, { "type": "REPORT", "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/42057" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "type": "CVSS_V3" } ] }