Security Advisory

CVE-2021-22223

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-07-06 21:50:25

Last updated 2024-08-03 18:37:18

Assigner GitLab

State PUBLISHED

Description

Client-Side code injection through Feature Flag name in GitLab CE/EE starting with 11.9 allows a specially crafted feature flag name to PUT requests on behalf of other users via clicking on a link

← Browse all CVEs View on cve.org ↗