CVE-2026-1090 | GitLab Community Edition/Enterprise Edition up to 18.7.5/18.8.5/18.9.1 cross site scripting

A vulnerability described as problematic has been identified in GitLab Community Edition and Enterprise Edition up to 18.7.5/18.8.5/18.9.1. This affects an unknown function. Executing a manipulation can lead to cross site scripting.

This vulnerability is handled as CVE-2026-1090. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More