An issue has been discovered in GitLab affecting versions before 12.10.13. GitLab was vulnerable to a stored XSS in import the Bitbucket project feature.
gitlab gitlab