CVE-2018-10125: XSS in system log of back end
There’s a Cross-Site Scripting (XSS) vulnerability in system log of back end. With a manipulated request, an attacker can implant a script which is executed when a logged in back end user opens the system log. The attacker themselves does not have to be logged in.
References
Detect and mitigate CVE-2018-10125 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →