XSS Vulnerability in GitLab CE/EE Versions 14.4 - 14.9.2

CVE-2022-1175 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Improper neutralization of user input in GitLab CE/EE versions 14.4 before 14.7.7, all versions starting from 14.8 before 14.8.5, and all versions starting from 14.9 before 14.9.2 allowed an attacker to exploit XSS by injecting HTML in notes.
