{"id":"CVE-2018-16050","details":"An issue was discovered in GitLab Community and Enterprise Edition 11.1.x before 11.1.5 and 11.2.x before 11.2.2. There is Persistent XSS in the Merge Request Changes View.","modified":"2026-04-10T04:06:42.253421Z","published":"2018-10-03T16:29:00.713Z","references":[{"type":"ADVISORY","url":"https://about.gitlab.com/2018/08/28/security-release-gitlab-11-dot-2-dot-2-released/"},{"type":"REPORT","url":"https://gitlab.com/gitlab-org/gitlab-ce/issues/49085"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://gitlab.com/gitlab-org/gitlab","events":[{"introduced":"5790caa7dc2fccf506a58da65f7d8aefaae3a18b"},{"last_affected":"ba3d9cf06aa7f2e77362ec32dd43f04ae1c6608c"},{"introduced":"5790caa7dc2fccf506a58da65f7d8aefaae3a18b"},{"last_affected":"ba3d9cf06aa7f2e77362ec32dd43f04ae1c6608c"},{"introduced":"342f33beb2ce090cfabfd0a5e7327b78d04588bb"},{"last_affected":"6b5c78f6ca15386fd084425daaefb299412c9adc"},{"introduced":"342f33beb2ce090cfabfd0a5e7327b78d04588bb"},{"last_affected":"6b5c78f6ca15386fd084425daaefb299412c9adc"},{"introduced":"7c11ed8c916a10f6d9c32635986008b48410531f"},{"fixed":"024183f900d027eb24a17c4706f2d4507b985cf1"},{"introduced":"7c11ed8c916a10f6d9c32635986008b48410531f"},{"fixed":"024183f900d027eb24a17c4706f2d4507b985cf1"},{"introduced":"44dbeccbe1039cb1d42d8502655ffb0bce3ae803"},{"fixed":"77397c52b449bf1ffbf2fd27f189de45babc67bb"},{"introduced":"44dbeccbe1039cb1d42d8502655ffb0bce3ae803"},{"fixed":"77397c52b449bf1ffbf2fd27f189de45babc67bb"}],"database_specific":{"versions":[{"introduced":"10.7.0"},{"last_affected":"10.7.7"},{"introduced":"10.7.0"},{"last_affected":"10.7.7"},{"introduced":"10.8.0"},{"last_affected":"10.8.6"},{"introduced":"10.8.0"},{"last_affected":"10.8.6"},{"introduced":"11.1.0"},{"fixed":"11.1.5"},{"introduced":"11.1.0"},{"fixed":"11.1.5"},{"introduced":"11.2.0"},{"fixed":"11.2.2"},{"introduced":"11.2.0"},{"fixed":"11.2.2"}]}}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-16050.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}