CVE-2025-2443 | GitLab Enterprise Edition up to 17.9.6/17.10.4/17.11.0 Content Security Policy cross site scripting (Issue 525363)

A vulnerability has been found in GitLab Enterprise Edition up to 17.9.6/17.10.4/17.11.0 and classified as problematic. This vulnerability affects unknown code of the component Content Security Policy Handler. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2025-2443. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More