CVE-2026-1282 | GitLab Community Edition/Enterprise Edition up to 18.6.5/18.7.3/18.8.3 Project Label Title cross site scripting

Inserito da Angelo Barbosa | Feb 11, 2026 | CVE

A vulnerability classified as problematic was found in GitLab Community Edition and Enterprise Edition up to 18.6.5/18.7.3/18.8.3. This impacts an unknown function of the component Project Label Title Handler. Such manipulation leads to basic cross site scripting.

This vulnerability is traded as CVE-2026-1282. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is advised.

CVE-2026-1282 | GitLab Community Edition/Enterprise Edition up to 18.6.5/18.7.3/18.8.3 Project Label Title cross site scripting

Post correlati

CVE-2024-27812 | Apple visionOS up to 1.1 Web Contents denial of service

CVE-2025-68332 | Linux Kernel up to 6.12.61/6.17.11/6.18.0 Comedi Core Calls Driver drivers/base/driver.c c6xdigio_attach return value

CVE-2025-14586 | TOTOLINK X5000R 9.1.0cu.2089_B20211224 cstecgi.cgi?action=exportOvpn&type=user snprintf User os command injection

CVE-2024-21899 | QNAP QTS/QuTS hero/QuTScloud improper authentication (qsa-24-09)