CVE-2021-22220

Summary

An issue has been discovered in GitLab affecting all versions starting with 13.10. GitLab was vulnerable to a stored XSS in blob viewer of notebooks.

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab>=13.12, <13.12.2affected
GitLabGitLab>=13.11, <13.11.5affected
GitLabGitLab>=13.10, <13.10.5affected

Weaknesses

  • Improper neutralization of input during web page generation ('cross-site scripting') in GitLab

ADP Enrichment

CVE Program Container

Additional References

References