CVE-2026-8589 | GitLab Enterprise Edition up to 18.10.7/18.11.4/19.0.1 Setting cross site scripting

A vulnerability was found in GitLab Enterprise Edition up to 18.10.7/18.11.4/19.0.1. It has been declared as problematic. The affected element is an unknown function of the component Setting Handler. Such manipulation leads to cross site scripting.

This vulnerability is documented as CVE-2026-8589. The attack can be executed remotely. There is not any exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More