A DOM-based cross-site scripting vulnerability has been identified in GitHub Enterprise Server. This issue allows for improper neutralization of input through the Issues search label filter, potentially leading to privilege escalation and unauthorized workflow triggers. The vulnerability affects all versions prior to GitHub Enterprise Server 3.18.1, 3.17.7, 3.16.10, 3.15.14, and 3.14.19. Exploitation requires an attacker to have access to the target GitHub Enterprise Server instance and to entice a user with elevated privileges to click on a malicious link.
Exploitation of this vulnerability could result in arbitrary code execution in the context of the affected user's browser, allowing for session hijacking, account takeover, and unauthorized actions through the user's account.
To reproduce this vulnerability, a user must be logged into a GitHub Enterprise Server instance with a version prior to the patched releases. The attacker must then send a crafted link that injects a malicious `label:` value into the Issues search. When the victim clicks the link, the injected script executes, exploiting the cross-site scripting vulnerability.
Users should upgrade to GitHub Enterprise Server versions 3.18.1, 3.17.7, 3.16.10, 3.15.14, or 3.14.19.
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.
