GitLab 18.8.3 Security Release — Protect Your Instance with Latest Patch

GitLab 18.8.3 Security Update Now Available

GitLab has released version 18.8.3, a critical security update for users running GitLab Community and Enterprise Editions. This release addresses several key vulnerabilities and is strongly recommended for all deployments using earlier 18.8.x versions.

The update patches three important security issues:

• Stored XSS in the merge request interface: Introduced due to insufficient sanitisation of input fields, potentially allowing attackers to execute arbitrary code.
• Improper permission validation for email notifications: Which could allow confidential issue titles to be exposed to unauthorised recipients.
• Insufficient restrictions for protected tag deletion: Permitting users without appropriate permissions to delete or overwrite protected tags under certain conditions.

All GitLab administrators are urged to update their installations immediately to ensure protection against potential exploitation. The 18.8.3 release is available via official download sources for GitLab Community (gitlab-ce) and GitLab Enterprise (gitlab-ee).

For customers and teams in the Czech Republic, Slovakia, Croatia, Serbia, Slovenia, Macedonia, United Kingdom, and globally for remote support in Israel, South Africa, and Paraguay, IDEA GitLab Solutions offers expert guidance, professional consulting, and licensed GitLab services to help you maintain secure and efficient DevSecOps workflows.

Contact us today and ensure your GitLab environment is up-to-date and professionally managed.

• GitLab Credits Now Available: Streamline Billing and Resource Usage
• Customising GitLab Duo Chat with Rules, Prompts, and Workflows
• Harnessing GitLab Duo: Multi-Agent Workflows Redefined
• GitLab 18.7 Release: AI Code Suggestions, Compliance Reporting and More
• GitLab 18.6 Release Highlights – From Configuration to Full Control