Vulnerabilities

CVE-2026-0752 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scriptin...

2026-02-25 0 views admin

CVE ID : CVE-2026-0752 Published : Feb. 25, 2026, 8:05 p.m. | 51 minutes ago Description : GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that under certain circumstances, could have allowed an unauthenticated user to inject arbitrary scripts into the Mermaid sandbox UI. Severity: 8.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-0752

Severity

HIGH

Published

Feb. 25, 2026

Affected Product: GitLab

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2026-0752highgitlab

CVE-2026-0752 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scriptin...

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2026-1725 - Allocation of Resources Without Limits or Throttling in GitLab

CVE-2026-1747 - Authentication Bypass Using an Alternate Path or Channel in GitLab

CVE-2026-1662 - Allocation of Resources Without Limits or Throttling in GitLab

CVE-2026-1388 - Inefficient Regular Expression Complexity in GitLab

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting