{"id":"CVE-2020-13337","details":"An issue has been discovered in GitLab affecting versions from 12.10 to 12.10.12 that allowed for a stored XSS payload to be added as a group name.","aliases":["BIT-gitlab-2020-13337"],"modified":"2026-04-10T04:22:14.402414Z","published":"2020-10-02T20:15:12.393Z","references":[{"type":"ADVISORY","url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13337.json"},{"type":"REPORT","url":"https://gitlab.com/gitlab-org/gitlab/-/issues/199049"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://gitlab.com/gitlab-org/gitlab","events":[{"introduced":"58d798bed6228196b580ae8def5d5080e5a56c73"},{"fixed":"7fdbe55ee7a37de82ac5cdccc2db2cc324e1a0b6"},{"introduced":"58d798bed6228196b580ae8def5d5080e5a56c73"},{"fixed":"7fdbe55ee7a37de82ac5cdccc2db2cc324e1a0b6"}],"database_specific":{"versions":[{"introduced":"12.10.0"},{"fixed":"12.10.12"},{"introduced":"12.10.0"},{"fixed":"12.10.12"}]}}],"versions":["v12.10.0-ee","v12.10.1-ee","v12.10.10-ee","v12.10.3-ee","v12.10.4-ee","v12.10.5-ee","v12.10.6-ee","v12.10.8-ee"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-13337.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"}]}