GHSA-pw3w-gf65-52v7
GitHub Security Advisory
⚠ Unreviewed
MODERATE
Has CVE
Advisory Details
Client-Side code injection through Mermaid markup in GitLab CE/EE 12.9 and later through 13.0.1 allows a specially crafted Mermaid payload to PUT requests on behalf of other users via clicking on a link
Related CVEs
Key Information
5.0
/10
Dataset
Last updated: June 17, 2025 6:25 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.