Security Advisory
CVE-2021-22171
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ allows an attacker to steal a victims API token if they click on a maliciously crafted link