First published: Tue Jan 18 2022(Updated: )
Improper neutralization of user input in GitLab CE/EE versions 14.3 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed an attacker to exploit XSS by abusing the generation of the HTML code related to emojis
Credit: cve@gitlab.com
Affected Software | Affected Version | How to fix |
---|---|---|
GitLab GitLab | >=14.3<14.3.6 | |
GitLab GitLab | >=14.3<14.3.6 | |
GitLab GitLab | >=14.4<14.4.4 | |
GitLab GitLab | >=14.4<14.4.4 | |
GitLab GitLab | >=14.5<14.5.2 | |
GitLab GitLab | >=14.5<14.5.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.