Security Advisory

CVE-2022-1190

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-04-04 19:46:15

Last updated 2024-08-02 23:55:24

Assigner GitLab

State PUBLISHED

Description

Improper handling of user input in GitLab CE/EE versions 8.3 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allowed an attacker to exploit a stored XSS by abusing multi-word milestone references in issue descriptions, comments, etc.

← Browse all CVEs View on cve.org ↗