GitLab has issued a critical security release for its Community Edition (CE) and Enterprise Edition (EE) platforms, patching a raft of vulnerabilities that range from high-severity Cross-Site Scripting (XSS) to unauthorized AI model access. The updates—versions 18.7.1, 18.6.3, and 18.5.5—are available immediately, and self-managed installations are strongly urged to upgrade.
Leading the pack are three high-severity flaws that could compromise user accounts and sensitive data.
- Stored XSS in Markdown (CVE-2025-9222): This vulnerability carries a CVSS score of 8.7, making it the most critical bug in the batch. It allows an authenticated user to inject malicious scripts via “GitLab Flavored Markdown placeholder processing.” Once stored, these scripts could execute in the browser of any user viewing the compromised content.
- Web IDE XSS (CVE-2025-13761): With a CVSS score of 8.0, this flaw is a classic trap. It allows an unauthenticated attacker to execute arbitrary code in a victim’s browser simply by convincing them to visit a “specially crafted webpage” that interacts with the Web IDE.
- Duo Workflows API Authorization Bypass (CVE-2025-13772): Rated with a CVSS of 7.1, this Enterprise Edition-exclusive flaw allows an authenticated user to “access and utilize AI model settings from unauthorized namespaces” by manipulating API requests.
The update also addresses several medium-severity issues that highlight the complexities of modern DevOps environments.
- AI GraphQL Mutation (CVE-2025-13781): Another EE-specific bug allows users to “modify instance-wide AI feature provider settings” due to missing authorization checks.
- Import DoS (CVE-2025-10569): Authenticated users could trigger a Denial of Service by providing “crafted responses to external API calls” during the import process.
- Runner Manipulation (CVE-2025-11246): A permissions flaw allows users to “remove all project runners from unrelated projects” by tweaking GraphQL runner associations.
The vulnerabilities affect a wide range of versions; some, like the “Mermaid diagram rendering” leak (CVE-2025-3950), impact versions as far back as 10.3.
Administrators should upgrade to 18.7.1, 18.6.3, or 18.5.5 immediately to secure their pipelines.
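A quick way to triage a fleet of self-managed instances against this release is to compare each reported version numerically against the first fixed release on its minor line. The script below is an added example, not GitLab's own tooling; the version strings in it are constructed, and it assumes that minor lines newer than 18.7 were cut after the fixes landed.

```python
"""Check whether a self-managed GitLab version includes the fixes shipped in
18.7.1 / 18.6.3 / 18.5.5 (the patched releases named in the advisory)."""
import re

# First patched release on each maintained minor line, from the advisory.
PATCHED = {
    (18, 7): (18, 7, 1),
    (18, 6): (18, 6, 3),
    (18, 5): (18, 5, 5),
}

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Parse 'MAJOR.MINOR.PATCH' into an int tuple; suffixes such as '-ee'
    are ignored. Numeric comparison avoids the classic string-compare trap
    where '18.10.0' sorts below '18.7.1'."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised GitLab version: {text!r}")
    return tuple(int(x) for x in m.groups())


def is_patched(version):
    """True if `version` is at or above the fixed release for its line."""
    v = parse_version(version)
    line = v[:2]
    if line in PATCHED:
        return v >= PATCHED[line]
    # Assumption: minor lines newer than 18.7 already contain the fixes.
    # Anything older than 18.5 has no patched release and must be upgraded.
    return line > max(PATCHED)


def check_instances(versions):
    """Map each version string (e.g. the 'version' field from
    GET /api/v4/version on every instance) to 'patched' or 'UPGRADE'."""
    return {v: ("patched" if is_patched(v) else "UPGRADE") for v in versions}


if __name__ == "__main__":
    # Constructed sample inventory of instance versions.
    sample = ["18.7.1-ee", "18.7.0", "18.6.3", "18.5.4", "18.4.9", "17.11.2"]
    for ver, status in check_instances(sample).items():
        print(f"{ver:12} {status}")
```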