DOM-based Cross-Site Scripting Vulnerability in GitHub Enterprise Server
CVE-2025-11892

8.6HIGH

Key Information:

Vendor

Github
Status
Enterprise Server
Vendor
CVE Published:
10 November 2025

What is CVE-2025-11892?

A vulnerability exists in GitHub Enterprise Server that allows for DOM-based cross-site scripting through the Issues search label filter. This could enable an attacker with access to the affected instance to execute malicious scripts, resulting in privilege escalation and unauthorized actions within the workflow. Successful exploitation requires an attacker to lure a user with elevated permissions (operating in sudo mode) to click a specially crafted link, performing actions that should only be accessible through proper authorization. All versions prior to specified secure releases are affected.

Affected Version(s)

Enterprise Server 3.18.0

Enterprise Server 3.18.0 < 3.18.1

Enterprise Server 3.17.0 <= 3.17.6

References

https://docs.github.com/en/enterprise-server@3.18/admin/r...
https://docs.github.com/en/enterprise-server@3.17/admin/r...
https://docs.github.com/en/enterprise-server@3.16/admin/r...

CVSS V4

Score:
8.6
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

André Storfjord Kristiansen
JSON
.
CVE-2025-11892 : DOM-based Cross-Site Scripting Vulnerability in GitHub Enterprise Server