CVE-2025-0376
Published: 12 February 2025
Summary
CVE-2025-0376 is a high-severity Cross-site Scripting (CWE-79) vulnerability in GitLab Community Edition and Enterprise Edition. Its CVSS 3.1 base score is 8.7 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). By EPSS it ranks in the top 12.7% of CVEs by exploit likelihood, and it is not currently listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-15 (Information Output Filtering).
Deeper analysis
An XSS vulnerability tracked as CVE-2025-0376 affects GitLab Community Edition and Enterprise Edition in all versions from 13.3 up to but not including 17.6.5, 17.7 up to but not including 17.7.4, and 17.8 up to but not including 17.8.2. The flaw, assigned CWE-79, resides in the change page and carries a CVSS 3.1 score of 8.7: network attack vector, low attack complexity, low privileges required, user interaction required and changed scope (the 8.7 score is only reachable with S:C given the other metrics), with high impact on confidentiality and integrity and none on availability.
An authenticated attacker with low privileges can exploit the issue by supplying content that the change page renders without adequate encoding. When a victim views that page, the injected script runs in the victim's browser session, letting the attacker perform actions as that user and bypass the access controls the victim's permissions were meant to enforce.
The EPSS score has remained flat at 0.0318 (roughly a 3.2% estimated probability of exploitation activity in the next 30 days) with no material increase since disclosure. Public references point to a GitLab issue tracker entry and a HackerOne report for further technical detail.
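As an added check (not code from this page, and not GitLab's own code), the following Ruby script classifies a GitLab version string against the three affected ranges stated above and names the fixed releases. `GET /api/v4/version` with a `PRIVATE-TOKEN` header is GitLab's real API for reading the running version; the sample version strings are constructed for the demonstration, and the `GITLAB_URL` / `GITLAB_TOKEN` environment variables are this script's own assumption.

```ruby
# Added example: is a given GitLab version inside the CVE-2025-0376 ranges?
require 'json'
require 'net/http'
require 'uri'

# [lower bound inclusive, upper bound exclusive], exactly as the advisory lists them.
AFFECTED_RANGES = [
  [[13, 3, 0], [17, 6, 5]],
  [[17, 7, 0], [17, 7, 4]],
  [[17, 8, 0], [17, 8, 2]],
].freeze

FIXED_VERSIONS = %w[17.6.5 17.7.4 17.8.2].freeze

# "17.8.1-ee" -> [17, 8, 1]. The edition suffix (-ce/-ee) carries no ordering
# information, so it is dropped instead of being fed to a generic version parser
# that would treat "-ee" as a pre-release and sort 17.8.2-ee below 17.8.2.
def parse_version(str)
  m = str.to_s.strip.match(/\A(\d+(?:\.\d+)*)/)
  raise ArgumentError, "unparseable version: #{str.inspect}" unless m
  (m[1].split('.').map(&:to_i) + [0, 0, 0]).first(3)
end

# Array <=> compares element by element, which is exactly dotted-version order.
def affected?(version_str)
  v = parse_version(version_str)
  AFFECTED_RANGES.any? { |lo, hi| (v <=> lo) >= 0 && (v <=> hi) < 0 }
end

def assess(version_str)
  if affected?(version_str)
    "#{version_str}: AFFECTED by CVE-2025-0376, upgrade to one of #{FIXED_VERSIONS.join(', ')}"
  else
    "#{version_str}: not in an affected range"
  end
end

# Optional live check. /api/v4/version is a real GitLab endpoint; it needs a
# personal access token with at least the read_api scope.
def instance_version(base_url, token)
  uri = URI.join(base_url, '/api/v4/version')
  req = Net::HTTP::Get.new(uri)
  req['PRIVATE-TOKEN'] = token
  res = Net::HTTP.start(uri.host, uri.port, use_ssl: uri.scheme == 'https') { |h| h.request(req) }
  raise "HTTP #{res.code} from #{uri}" unless res.is_a?(Net::HTTPSuccess)
  JSON.parse(res.body).fetch('version')
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample values in the shape /api/v4/version returns them.
  %w[17.8.1-ee 17.8.2-ee 17.6.4 17.6.5 17.7.3-ce 13.2.9 17.0.0].each { |v| puts assess(v) }
  # Live check only when both variables are set (assumption of this script).
  if ENV['GITLAB_URL'] && ENV['GITLAB_TOKEN']
    puts assess(instance_version(ENV['GITLAB_URL'], ENV['GITLAB_TOKEN']))
  end
end
```

The boundaries matter: 17.6.5, 17.7.4 and 17.8.2 themselves are fixed and report as not affected, while anything from 13.3.0 upward that falls short of its branch's fix is flagged. Note that `URI.join` with a leading `/` discards any sub-path an instance might be served under, so adjust the path if GitLab is hosted below the site root.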
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-1636
Vulnerability details
An XSS vulnerability exists in GitLab CE/EE affecting all versions from 13.3 prior to 17.6.5, 17.7 prior to 17.7.4 and 17.8 prior to 17.8.2 that allows an attacker to execute unauthorized actions via a change page.
- CWE(s): CWE-79 (Improper Neutralization of Input During Web Page Generation, "Cross-site Scripting")
Related Threats
MITRE ATT&CK Enterprise Techniques
- T1190 Exploit Public-Facing Application
Why these techniques?
The XSS sits in the public-facing GitLab web application. An attacker exploits it by luring a victim to a crafted page (phishing being the natural delivery route for the required user interaction), after which the injected script runs in the victim's browser session and can hijack that session or act with the victim's permissions.
Affected Assets
- GitLab Community Edition (CE) and Enterprise Edition (EE): all versions from 13.3 up to but not including 17.6.5, 17.7 up to but not including 17.7.4, and 17.8 up to but not including 17.8.2.
Mitigating Controls (NIST 800-53 r5)
- SI-15 (Information Output Filtering): encodes output rendered in the GitLab change page so that injected markup is displayed as text rather than executed, directly addressing the XSS vulnerability.
- SI-10 (Information Input Validation): validates input reaching the change page component to block injection of unauthorized code by low-privilege authenticated attackers.
- SI-2 (Flaw Remediation): removes the specific XSS flaw through timely patching to GitLab 17.6.5, 17.7.4, or 17.8.2 as specified in the CVE.
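To make the SI-15 / SI-10 split concrete, the following is an added Ruby example, not GitLab's code and not taken from this page; helper names such as `render_comment_safe`, `naive_input_filter` and `safe_link` are hypothetical. It renders untrusted text with and without output encoding, shows a denylist-style input filter failing on a payload that never says "script", and shows the URL-attribute case where encoding alone is not enough and scheme validation (input validation) has to be added. Only `ERB::Util.html_escape` and `URI` from the Ruby standard library are used.

```ruby
# Added example: output filtering (SI-15) versus input validation (SI-10).
require 'erb'
require 'uri'

# Contextual encoding for HTML text and double-quoted attribute values.
def h(s)
  ERB::Util.html_escape(s.to_s)
end

# Vulnerable pattern: untrusted text concatenated straight into markup.
def render_comment_unsafe(text)
  "<div class=\"comment\">#{text}</div>"
end

# Hardened pattern: the same markup with the untrusted value encoded on output.
def render_comment_safe(text)
  "<div class=\"comment\">#{h(text)}</div>"
end

# A denylist "input filter" is not output filtering: it strips <script> tags
# but leaves an <img onerror=...> payload untouched.
def naive_input_filter(text)
  text.gsub(%r{<\s*/?\s*script[^>]*>}i, '')
end

# Encoding cannot save a URL attribute: "javascript:alert(1)" has nothing to
# escape. Validate the scheme first (SI-10), then encode the value (SI-15).
SAFE_SCHEMES = %w[http https].freeze

def safe_link(url, label)
  scheme = begin
    URI.parse(url.to_s).scheme   # raises on control characters such as a tab
  rescue URI::InvalidURIError
    nil
  end
  return h(label) unless scheme && SAFE_SCHEMES.include?(scheme.downcase)
  "<a href=\"#{h(url)}\">#{h(label)}</a>"
end

# Coarse oracle for this demo only (not a scanner): a real tag with an event
# handler, a script tag, or a javascript: href still present in the output.
def contains_active_content?(html)
  html.match?(/<[a-z][^>]*\son[a-z]+\s*=|<script\b|href\s*=\s*["']?\s*javascript:/i)
end

if __FILE__ == $PROGRAM_NAME
  payload = '<img src=x onerror=alert(1)>'   # constructed sample input
  puts render_comment_unsafe(naive_input_filter(payload)) # filter missed it
  puts render_comment_safe(payload)                       # rendered as text
  puts safe_link('javascript:alert(1)', 'click me')       # link dropped
  puts safe_link('https://gitlab.example.com/', 'a"b')    # encoded href
end
```

The point the two controls make together: encoding at the output boundary neutralises the text-content case regardless of what the input looked like, while the URL case shows why a value also has to be validated against what the surrounding context can safely accept. Neither one replaces applying the fixed release.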