CVE-2026-4332 - Vulnerability Details - OpenCVE

GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that, in customizable analytics dashboards, could have allowed an authenticated user to execute arbitrary JavaScript in the context of other users' browsers due to improper input sanitization.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Gitlab	Gitlab

No data.

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Gitlab	Gitlab

References

Link	Providers
https://about.gitlab.com/releases/2026/04/08/patch-release-gitlab-18-10-3-released/
https://gitlab.com/gitlab-org/gitlab/-/work_items/593853
https://hackerone.com/reports/3600345

History

Wed, 08 Apr 2026 22:45:00 +0000

Type	Values Removed	Values Added
Description		GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that, in customizable analytics dashboards, could have allowed an authenticated user to execute arbitrary JavaScript in the context of other users' browsers due to improper input sanitization.
Title		Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
First Time appeared		Gitlab Gitlab gitlab
Weaknesses		CWE-79
CPEs		cpe:2.3:a:gitlab:gitlab::::::::
Vendors & Products		Gitlab Gitlab gitlab
References		https://about.gitlab.com/releases/2026/04/08/patch-release-gitlab-18-10-3-released/ https://gitlab.com/gitlab-org/gitlab/-/work_items/593853 https://hackerone.com/reports/3600345
Metrics		cvssV3_1 `{'score': 5.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N'}`

MITRE

Status: PUBLISHED

Assigner: GitLab

Published: 2026-04-08T22:25:27.848Z

Updated: 2026-04-08T22:25:27.848Z

Reserved: 2026-03-17T14:04:05.574Z

Link: CVE-2026-4332

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-04-08T23:16:59.683

Modified: 2026-04-08T23:16:59.683

Link: CVE-2026-4332

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-09T08:25:40Z

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-4332", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "state": "PUBLISHED", "assignerShortName": "GitLab", "dateReserved": "2026-03-17T14:04:05.574Z", "datePublished": "2026-04-08T22:25:27.848Z", "dateUpdated": "2026-04-08T22:25:27.848Z"}, "containers": {"cna": {"title": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab", "descriptions": [{"lang": "en", "value": "GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that, in customizable analytics dashboards, could have allowed an authenticated user to execute arbitrary JavaScript in the context of other users' browsers due to improper input sanitization."}], "affected": [{"vendor": "GitLab", "product": "GitLab", "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "cpes": ["cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"], "versions": [{"version": "18.2", "status": "affected", "lessThan": "18.8.9", "versionType": "semver"}, {"version": "18.9", "status": "affected", "lessThan": "18.9.5", "versionType": "semver"}, {"version": "18.10", "status": "affected", "lessThan": "18.10.3", "versionType": "semver"}], "defaultStatus": "unaffected"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "cweId": "CWE-79", "type": "CWE"}]}], "references": [{"url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/593853"}, {"url": "https://hackerone.com/reports/3600345", "name": "HackerOne Bug Bounty Report #3600345", "tags": ["technical-description", "exploit", "permissions-required"]}, {"url": "https://about.gitlab.com/releases/2026/04/08/patch-release-gitlab-18-10-3-released/"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM"}}], "solutions": [{"lang": "en", "value": "Upgrade to versions 18.8.9, 18.9.5, 18.10.3 or above."}], "credits": [{"lang": "en", "value": "Thanks [go7f0](https://hackerone.com/go7f0) for reporting this vulnerability through our HackerOne bug bounty program", "type": "finder"}], "providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2026-04-08T22:25:27.848Z"}}}}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[18.2,18.8.9)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[18.9,18.9.5)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[18.10,18.10.3)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "GitLab", "source": "cna", "vendor": "GitLab"}, "product": "gitlab", "vendor": "gitlab"}], "analysis": {"en": {"generated_at": "2026-04-08T23:51:43.006671+00:00", "value": {"mitigation_remediation": ["Upgrade GitLab Enterprise Edition to at least version 18.8.9, 18.9.5, or 18.10.3."], "summary": {"action": "Patch Now", "impact": "Cross\u2011site Scripting"}, "threat_synthesis": {"affected_systems": "The vulnerability affects GitLab EE installations running versions starting at 18.2 and up through 18.10.2, excluding any releases that have been upgraded to 18.8.9, 18.9.5, 18.10.3 or later. Users of any of those previous releases that have not applied the stated patches are exposed.", "description_and_impact": "GitLab Enterprise Edition contains a flaw in its customizable analytics dashboards that allows an authenticated user to submit input that is not properly sanitized before being rendered into a web page. The unsanitized data is inserted as JavaScript, enabling the attacker to execute arbitrary scripts in the browsers of other authenticated users who view the affected dashboard. Such scripts could steal session cookies, perform actions on behalf of the victim, or conduct other client\u2011side attacks.", "risk_and_exploitability": "The CVSS score of 5.4 indicates medium severity. Exploitation requires the attacker to be an authenticated user with permission to edit or create dashboards. Because the impact is limited to the victim\u2019s browser, it does not allow server compromise, but it can lead to credential theft or session hijacking. EPSS data is not available and the vulnerability is not listed in the CISA KEV catalog, suggesting that widespread exploitation has not yet been observed. Nevertheless, the ability to compromise client\u2011side sessions warrants timely remediation."}}}}, "created": "2026-04-09T08:16:14.610040+00:00", "updated": "2026-04-09T08:25:40.462445+00:00", "vendors": ["gitlab", "gitlab$PRODUCT$gitlab"]}