CVE-2025-32019: Harbor repository description page has Cross-site Scripting vulnerability
In the Harbor repository information, it is possible to inject code resulting in a stored XSS issue.
References
- github.com/advisories/GHSA-f9vc-vf3r-pqqq
- github.com/goharbor/harbor
- github.com/goharbor/harbor/commit/76c2c5f7cfd9edb356cbb373889a59cc3217a058
- github.com/goharbor/harbor/commit/a13a16383a41a8e20f524593cb290dc52f86f088
- github.com/goharbor/harbor/commit/f019430872118852f83f96cac9c587b89052d1e5
- github.com/goharbor/harbor/security/advisories/GHSA-f9vc-vf3r-pqqq
- nvd.nist.gov/vuln/detail/CVE-2025-32019
Code Behaviors & Features
Detect and mitigate CVE-2025-32019 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →