CVE-2025-0362

MEDIUM Year: 2025
CVSS v3 Score
6.4
Medium
Weakness Type
CWE-1021
View all →

Vulnerability Description

An issue has been discovered in GitLab CE/EE affecting all versions from 7.7 before 17.8.7, 17.9 before 17.9.6, and 17.10 before 17.10.4. Under certain conditions, an attacker could potentially trick users into unintentionally authorizing sensitive actions on their behalf.

Related Vulnerabilities

CVE-2022-2965

MEDIUM
CVSS:6.4(Medium)

Improper Restriction of Rendered UI Layers or Frames in GitHub repository notrinos/notrinoserp prior to 0.7.

CWE-10212022

CVE-2013-2675

MEDIUM
CVSS:6.5(Medium)

Brother MFC-9970CDW 1.10 devices with Firmware L contain a Frameable response (Clickjacking) vulnerability which could allow remote attackers to obtain sensitive information.

CWE-10212013

CVE-2017-20041

MEDIUM
CVSS:6.5(Medium)

A vulnerability was found in Ucweb UC Browser 11.2.5.932. It has been classified as critical. Affected is an unknown function of the component HTML Handler. The manipulation of the argument title lead...

CWE-10212017

CVE-2017-5016

MEDIUM
CVSS:6.5(Medium)

Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to prevent certain UI elements from being displayed by non-visible pages, which allowed a ...

CWE-10212017

CVE-2017-5697

MEDIUM
CVSS:6.5(Medium)

Insufficient clickjacking protection in the Web User Interface of Intel AMT firmware versions before 9.1.40.1000, 9.5.60.1952, 10.0.50.1004, 11.0.0.1205, and 11.6.25.1129 potentially allowing a remote...

CWE-10212017