Stored XSS vulnerability in GitLab CE/EE could allow for malicious commit notes to be imported
CVE-2024-4901

8.7HIGH

Key Information:

Vendor

Gitlab
Status
Gitlab
Vendor
CVE Published:
27 June 2024

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2024-4901?

A stored cross-site scripting (XSS) vulnerability has been identified in GitLab CE/EE, impacting users across multiple versions, including all from 16.9 prior to 16.11.5, from 17.0 prior to 17.0.3, and from 17.1 prior to 17.1.1. This vulnerability allows attackers to import potentially harmful script elements hidden within project commit notes. If exploited, the vulnerability could lead to unauthorized script execution in the context of a user’s session, making it critical for administrators and developers to remain vigilant in monitoring and updating their GitLab installations.

Affected Version(s)

GitLab 16.9 < 16.11.5

GitLab 17.0 < 17.0.3

GitLab 17.1 < 17.1.1

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2024-4901 - Proof of Concept

References

https://gitlab.com/gitlab-org/gitlab/-/issues/461773
issue-trackingpermissions-required
https://hackerone.com/reports/2500163
technical-descriptionexploitpermissions-required

CVSS V3.1

Score:
8.7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

Credit

Thanks [yvvdwf](https://hackerone.com/yvvdwf) for reporting this vulnerability through our HackerOne bug bounty program
.
CVE-2024-4901 : Stored XSS vulnerability in GitLab CE/EE could allow for malicious commit notes to be imported