CVE-2025-0811
Published: 27 March 2025
Description
An adversary may rely upon a user opening a malicious file in order to gain execution.
Security Summary
CVE-2025-0811 is a cross-site scripting (XSS) vulnerability stemming from improper rendering of certain file types in GitLab Community Edition (CE) and Enterprise Edition (EE). It affects all versions from 17.7 prior to 17.8.6, 17.9 prior to 17.9.3, and 17.10 prior to 17.10.1. The issue is classified under CWE-79 with a CVSS v3.1 base score of 8.7 (AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N), a high-severity rating driven by its significant confidentiality and integrity impacts.
An attacker with low-privileged authenticated access (PR:L) can exploit this vulnerability over the network (AV:N) by crafting malicious files that, when rendered, trigger XSS upon user interaction (UI:R). The changed scope (S:C) reflects that the script runs in the victim's browser rather than in the vulnerable GitLab component, which lets the attacker steal sensitive data or perform actions on behalf of the victim user, achieving high impacts on confidentiality and integrity without affecting availability.
Mitigation involves upgrading to GitLab versions 17.8.6, 17.9.3, 17.10.1, or later, as indicated by the affected version ranges. Additional details are available in the GitLab issue tracker at https://gitlab.com/gitlab-org/gitlab/-/issues/515566 and the HackerOne disclosure at https://hackerone.com/reports/2961854.
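A small check of whether an installed GitLab version falls inside the affected ranges above, added here as an example (it is not GitLab's own tooling); the ranges are taken from the advisory and the version strings it is run on are constructed samples:

```python
# Added example: map a GitLab CE/EE version string to the first release that
# fixes CVE-2025-0811, or None when the version is outside the affected ranges.
# Affected ranges are taken from the advisory text; sample inputs are constructed.

from typing import Optional, Tuple

# (first affected MAJOR.MINOR series, first fixed release) per the advisory:
# 17.7 -> <17.8.6, 17.9 -> <17.9.3, 17.10 -> <17.10.1
AFFECTED_RANGES = [
    ((17, 7), (17, 8, 6)),
    ((17, 9), (17, 9, 3)),
    ((17, 10), (17, 10, 1)),
]


def parse_version(text: str) -> Tuple[int, int, int]:
    """Parse 'MAJOR.MINOR.PATCH'; edition suffixes such as '-ee' are ignored."""
    core = text.strip().split("-")[0]
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised GitLab version: {text!r}")
    major, minor, patch = (int(p) for p in parts)
    return major, minor, patch


def fixed_release_for(version: str) -> Optional[str]:
    """Return the patched release to upgrade to, or None if not affected."""
    v = parse_version(version)
    for series_start, fixed in AFFECTED_RANGES:
        # Inside a range when the version is at or after the series start and
        # still below the fixed release; tuple comparison is lexicographic.
        if series_start <= v[:2] and v < fixed:
            return ".".join(str(n) for n in fixed)
    return None


if __name__ == "__main__":
    # Constructed sample inputs, e.g. as read from `gitlab-rake gitlab:env:info`.
    for sample in ("17.8.5-ee", "17.9.2", "17.10.0-ce", "17.8.6", "18.0.0"):
        target = fixed_release_for(sample)
        status = f"affected, upgrade to {target}" if target else "not affected"
        print(f"{sample:<12} {status}")
```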
Details
- CWE(s): CWE-79 (Improper Neutralization of Input During Web Page Generation, 'Cross-site Scripting')
- Affected Products: GitLab Community Edition (CE) and Enterprise Edition (EE), versions from 17.7 prior to 17.8.6, 17.9 prior to 17.9.3, and 17.10 prior to 17.10.1
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The XSS vulnerability in the public-facing GitLab web application enables exploitation via crafted malicious files that, once rendered, execute script in the victim's browser upon interaction.