An issue in Incident Timelines has been discovered in GitLab CE/EE affecting all versions starting from 14.9 prior to 15.1.6, all versions starting from 15.2 prior to 15.2.4, all versions starting from 15.3 prior to 15.3.2.which allowed an authenticated malicious user to inject arbitrary content. A victim interacting with this content could lead to arbitrary requests.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gitlab gitlab |