An issue exists in GitLab Enterprise Edition 11.3.x and 11.4.x prior to 11.4.13, 11.5.x prior to 11.5.6, and 11.6.x prior to 11.6.1. It allows cross-site scripting (XSS).
gitlab gitlab