HTML injection was possible via the full name field before version 14.0.2 in GitLab CE.
HTML injection was possible via the full name field before version 14.0.2 in GitLab CE.
https://gitlab.com/gitlab-org/gitlab/-/issues/300713 https://hackerone.com/reports/1090634 https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22232.json