{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-08T22:57:48.053","vulnerabilities":[{"cve":{"id":"CVE-2025-1763","sourceIdentifier":"cve@gitlab.com","published":"2025-05-30T11:15:20.213","lastModified":"2025-08-08T18:30:08.203","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An issue has been discovered in GitLab EE that allows for cross-site-scripting attack and content security policy bypass in a user's browser under specific conditions, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1."},{"lang":"es","value":"Se ha descubierto un problema en GitLab EE que permite ataques de cross-site-scripting y eludir la política de seguridad de contenido en el navegador de un usuario en condiciones específicas, lo que afecta a todas las versiones desde la 16.6 hasta la 17.9.7, la 17.10 hasta la 17.10.5 y la 17.11 hasta la 17.11.1."}],"metrics":{"cvssMetricV31":[{"source":"cve@gitlab.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":5.8}]},"weaknesses":[{"source":"cve@gitlab.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"16.6.0","versionEndExcluding":"17.9.7","matchCriteriaId":"24E20FB2-2D62-44D3-B33F-041B393073DC"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"16.6.0","versionEndExcluding":"17.9.7","matchCriteriaId":"9B9C18BF-5C6B-4F81-9F0E-13C61C98D4D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"17.10.0","versionEndExcluding":"17.10.5","matchCriteriaId":"C81D345F-13AE-4508-B4C6-60E361EADC00"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"17.10.0","versionEndExcluding":"17.10.5","matchCriteriaId":"CA1D8D06-9A39-43E9-A638-5C82A59C00B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:17.11.0:*:*:*:community:*:*:*","matchCriteriaId":"DC849E49-FBCD-4F20-BCFA-E28BC7FF640F"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:17.11.0:*:*:*:enterprise:*:*:*","matchCriteriaId":"D30C941F-4464-4E1A-AA49-624F451A9A4E"}]}]}],"references":[{"url":"https://gitlab.com/gitlab-org/gitlab/-/issues/521718","source":"cve@gitlab.com","tags":["Exploit","Issue Tracking"]},{"url":"https://hackerone.com/reports/3016600","source":"cve@gitlab.com","tags":["Permissions Required"]}]}}]}