CVE-2025-1763 – GitLab EE Cross-Site Scripting and Content Security Policy Bypass Vulnerability

CVE ID : CVE-2025-1763

Published : May 30, 2025, 11:15 a.m. | 44 minutes ago

Description : An issue has been discovered in GitLab EE that allows for cross-site-scripting attack and content security policy bypass in a user’s browser under specific conditions, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1.

Severity: 8.7 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…