CVE-2025-6948: 
GitLab vulnerability analysis and mitigation

A high-severity cross-site scripting (XSS) vulnerability was discovered in GitLab CE/EE affecting all versions from 17.11 before 17.11.6, 18.0 before 18.0.4, and 18.1 before 18.1.2. The vulnerability, identified as CVE-2025-6948, was discovered on July 10, 2025, and could allow attackers to execute actions on behalf of users through malicious content injection (NVD, GitLab Release).

The vulnerability has been assigned a CVSS v3.1 base score of 8.7 (High), with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N. This indicates that the vulnerability requires network access with low attack complexity, requires low-level privileges and user interaction, and has the potential to impact both confidentiality and integrity with no impact on availability. The vulnerability is classified as CWE-79 (Improper Neutralization of Input During Web Page Generation) (NVD, Cybersecurity News).

The vulnerability allows attackers to execute actions on behalf of users by injecting malicious content. The high CVSS score indicates significant potential impact on both confidentiality and integrity of the affected systems, with the scope being changed, meaning the vulnerable component can impact resources beyond its security scope (GitLab Release, Cybersecurity News).

GitLab has released security patches in versions 18.1.2, 18.0.4, and 17.11.6 for both Community Edition (CE) and Enterprise Edition (EE). Organizations are strongly recommended to upgrade their GitLab installations to these patched versions immediately. GitLab.com is already running the patched version, and GitLab Dedicated customers do not need to take action (GitLab Release).

The vulnerability was discovered through GitLab's HackerOne bug bounty program by researcher yvvdwf, highlighting the importance of responsible disclosure in identifying security flaws. The security community has emphasized the critical nature of this vulnerability and the need for immediate patching (Cybersecurity News).