XSS Vulnerability in GitLab CE/EE Versions 14.3 to 14.5.2: Abusing Emoji HTML Code Generation
CVE-2021-39946 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Improper neutralization of user input in GitLab CE/EE versions 14.3 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed an attacker to exploit XSS by abusing the generation of the HTML code related to emojis
Learn more about our User Device Pen Test.