{ "affected": [ { "ranges": [ { "database_specific": { "versions": [ { "introduced": "11.11.2" }, { "fixed": "11.11.7" }, { "introduced": "11.11.2" }, { "fixed": "11.11.7" }, { "introduced": "12.0.0" }, { "fixed": "12.0.4" }, { "introduced": "12.0.0" }, { "fixed": "12.0.4" }, { "introduced": "12.1.0" }, { "fixed": "12.1.2" }, { "introduced": "12.1.0" }, { "fixed": "12.1.2" } ] }, "events": [ { "introduced": "cfdecb7c5dee07994cbc856109fc04025dafed31" }, { "fixed": "c7143c6ecb8a02dcd57855db824b7a470408f15a" }, { "introduced": "cfdecb7c5dee07994cbc856109fc04025dafed31" }, { "fixed": "c7143c6ecb8a02dcd57855db824b7a470408f15a" }, { "introduced": "3b13818e8330f68625d80d9bf5d8049c41fbe197" }, { "fixed": "38ffa850dd81d9f41c9fbc86dfb73135236ebe87" }, { "introduced": "3b13818e8330f68625d80d9bf5d8049c41fbe197" }, { "fixed": "38ffa850dd81d9f41c9fbc86dfb73135236ebe87" }, { "introduced": "1f2e6f3f6d84b8eab5526acdd69c38f5b78c3b0e" }, { "fixed": "d7aa668babded1e4e23922e8660762ddb845ebf1" }, { "introduced": "1f2e6f3f6d84b8eab5526acdd69c38f5b78c3b0e" }, { "fixed": "d7aa668babded1e4e23922e8660762ddb845ebf1" } ], "repo": "https://gitlab.com/gitlab-org/gitlab", "type": "GIT" } ] } ], "details": "An input validation and output encoding issue was discovered in the GitLab CE/EE wiki pages feature which could result in a persistent XSS. This vulnerability was addressed in 12.1.2, 12.0.4, and 11.11.6.", "id": "CVE-2019-5467", "modified": "2026-03-13T21:49:25.849590249Z", "published": "2019-09-09T18:15:10.560Z", "references": [ { "type": "REPORT", "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/60143" }, { "type": "EVIDENCE", "url": "https://hackerone.com/reports/526325" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "type": "CVSS_V3" } ] }