TECH - WEB DEVELOPMENT NEWS

Multiple GitLab Vulnerabilities Enable Account Takeover and Stored XSS Exploitation

14/08/2025

GitLab has released emergency security patches addressing multiple critical vulnerabilities that could enable attackers to perform account takeovers and execute stored cross-site scripting (XSS) attacks.

The patches, released on August 13, 2025, are versions 18.2.2, 18.1.4, and 18.0.6 of both GitLab Community Edition (CE) and Enterprise Edition (EE).

Key Takeaways
1. GitLab patched three high-severity flaws.
2. Update immediately to versions 18.0.6, 18.1.4, or 18.2.2 to prevent exploitation.
3. Affects all GitLab editions with some vulnerabilities dating back to version 14.2.

Cross-Site Scripting Vulnerabilities

Three high-severity XSS vulnerabilities, each with a CVSS score of 8.7, pose significant threats to GitLab users.

CVE-2025-6186 represents the most critical flaw, allowing authenticated users to achieve account takeover by injecting malicious HTML content into work item names. This vulnerability affects GitLab CE/EE versions from 18.1 before 18.1.4 and 18.2 before 18.2.2.

CVE-2025-7734 affects the blob viewer component: under certain conditions an attacker can inject malicious content and execute actions on behalf of other users. It affects all versions from 14.2 before the patched releases.

CVE-2025-7739 concerns scoped label descriptions, where an authenticated user can inject malicious HTML and achieve stored XSS. This flaw affects only GitLab 18.2 before 18.2.2.

The shared CVSS vector CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N indicates that these vulnerabilities can be exploited over the network with low attack complexity, requiring only low privileges and user interaction. The changed scope (S:C) together with high confidentiality and integrity impact (C:H/I:H) is what lifts the score to 8.7 despite the interaction requirement.

Permission and Authorization Vulnerabilities 

CVE-2025-8094 addresses an improper handling of permissions issue in the project API, with a CVSS score of 7.7. 

This vulnerability could allow authenticated users with maintainer privileges to cause denial of service to other users’ CI/CD pipelines by manipulating shared infrastructure resources beyond their intended access level.

Several medium-severity vulnerabilities compound the security risks, including CVE-2024-12303 for incorrect privilege assignment in delete issues operations and CVE-2024-10219 for incorrect authorization in the jobs API, which could allow bypassing access controls to download private artifacts.

CVE             | Title                                                                                       | CVSS 3.1 Score | Severity
----------------|---------------------------------------------------------------------------------------------|----------------|---------
CVE-2025-7734   | Cross-site scripting issue in blob viewer impacts GitLab CE/EE                              | 8.7            | High
CVE-2025-7739   | Cross-site scripting issue in labels impacts GitLab CE/EE                                   | 8.7            | High
CVE-2025-6186   | Cross-site scripting issue in Workitem impacts GitLab CE/EE                                 | 8.7            | High
CVE-2025-8094   | Improper Handling of Permissions issue in project API impacts GitLab CE/EE                  | 7.7            | High
CVE-2024-12303  | Incorrect Privilege Assignment issue in delete issues operation impacts GitLab CE/EE        | 6.7            | Medium
CVE-2025-2614   | Allocation of Resources Without Limits issue in release name creation impacts GitLab CE/EE  | 6.5            | Medium
CVE-2024-10219  | Incorrect Authorization issue in jobs API impacts GitLab CE/EE                              | 6.5            | Medium
CVE-2025-8770   | Authorization issue in Merge request approval policy impacts GitLab EE                      | 6.5            | Medium
CVE-2025-2937   | Inefficient Regular Expression Complexity issue in wiki impacts GitLab CE/EE                | 6.5            | Medium
CVE-2025-1477   | Allocation of Resources Without Limits issue in Mattermost integration impacts GitLab CE/EE | 6.5            | Medium
CVE-2025-5819   | Incorrect Permission Assignment issue in ID token impacts GitLab CE/EE                      | 5.0            | Medium
CVE-2025-2498   | Insufficient Access Control issue in IP Restriction impacts GitLab EE                       | 3.1            | Low

Mitigations

GitLab strongly recommends immediate upgrades to the latest patched versions for all self-managed installations. 

The vulnerabilities were discovered through GitLab’s HackerOne bug bounty program by security researchers, including joaxcar, yvvdwf, abdelrahman_maged, and others.

GitLab.com instances are already running patched versions, while GitLab Dedicated customers require no action. 

The patches include both regular migrations and post-deploy migrations that may affect the upgrade process; single-node instances in particular will experience downtime during the upgrade.

Organizations should prioritize these updates as the combination of account takeover capabilities and XSS exploitation vectors presents significant security risks to development workflows and sensitive code repositories.
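For teams with several self-managed instances, the upgrade decision comes down to "is this version at or above the fixed release on its branch?" The following is an added example (not GitLab's tooling or the article's code) that encodes the fixed versions and the affected ranges stated above, and triages a version string into a patched/unpatched verdict, the release to upgrade to, and which of the three XSS CVEs the instance is exposed to. The `18.1.3-ee`-style input strings are constructed samples; the rule that any branch newer than 18.2 postdates the advisory and therefore already carries the fixes is an assumption of this example, not something the article states.

```python
"""Patch-level triage for self-managed GitLab against this advisory's fixed releases.
Added example; the fixed versions and affected ranges come from the article, the
handling of branches newer than 18.2 is this example's own assumption."""
import re

# Fixed releases named in the advisory, keyed by minor branch.
FIXED = {
    (18, 2): (18, 2, 2),
    (18, 1): (18, 1, 4),
    (18, 0): (18, 0, 6),
}
LATEST_FIX = max(FIXED.values())  # (18, 2, 2)


def parse_version(s: str) -> tuple:
    """'18.1.3-ee' or 'v18.1.3' -> (18, 1, 3); the CE/EE suffix is ignored."""
    m = re.match(r"^\s*v?(\d+)\.(\d+)\.(\d+)", s)
    if not m:
        raise ValueError("unrecognised GitLab version string: %r" % s)
    return tuple(int(x) for x in m.groups())


def is_patched(v: tuple) -> bool:
    """True when v is at or above the fixed release on its branch."""
    target = FIXED.get(v[:2])
    if target is not None:
        return v >= target
    # Assumption: branches newer than the newest fix (e.g. a later 18.x) were cut after the
    # advisory and include the fixes. Older unlisted branches (17.x and below) have no fix.
    return v > LATEST_FIX


def upgrade_target(v: tuple) -> str:
    """Release to move to: the fix on the same branch if one exists, otherwise the newest fix."""
    target = FIXED.get(v[:2], LATEST_FIX)
    return "%d.%d.%d" % target


def applicable_xss_cves(v: tuple) -> list:
    """XSS CVEs whose stated affected range covers v (empty once v is patched)."""
    if is_patched(v):
        return []
    cves = []
    if v >= (14, 2, 0):               # blob viewer: all versions from 14.2 before the fixes
        cves.append("CVE-2025-7734")
    if v[:2] in ((18, 1), (18, 2)):   # work item names: 18.1 < 18.1.4 and 18.2 < 18.2.2
        cves.append("CVE-2025-6186")
    if v[:2] == (18, 2):              # scoped label descriptions: 18.2 < 18.2.2 only
        cves.append("CVE-2025-7739")
    return cves


def triage(version_string: str) -> dict:
    """One-call summary suitable for feeding an inventory or ticketing system."""
    v = parse_version(version_string)
    patched = is_patched(v)
    return {
        "version": "%d.%d.%d" % v,
        "patched": patched,
        "upgrade_to": None if patched else upgrade_target(v),
        "xss_cves": applicable_xss_cves(v),
    }


if __name__ == "__main__":
    # Constructed sample inventory, one version string per instance.
    for instance in ("18.2.1-ce", "18.1.3-ee", "18.0.6-ee", "17.11.2-ee"):
        print(instance, "->", triage(instance))
```

Because `is_patched` compares whole tuples, a version such as 18.1.10 sorts correctly above 18.1.4 (string comparison would get that wrong), and an instance on an unsupported 17.x branch is reported as needing the newest fixed release rather than being silently skipped.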

Source: cybersecuritynews.com
