Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2021-22225 - log back

CVE-2021-22225 edited at 06 Jul 2021 17:49:30

Description

-	Insufficient input sanitization in markdown in GitLab version 13.11 and up before version 14.0.2 allows an attacker to exploit a stored cross-site scripting vulnerability via a specially-crafted markdown.
+	Insufficient input sanitization in markdown in GitLab version 13.11 and up before version 14.0.2 allows an attacker to exploit a stored cross-site scripting vulnerability via specially-crafted markdown.

References

	https://gitlab.com/gitlab-org/gitlab/-/issues/331051
	https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22225.json

CVE-2021-22225 created at 06 Jul 2021 17:46:39

Severity

+

Medium

Remote

+

Remote

Type

+	Cross-site scripting

Description

+	Insufficient input sanitization in markdown in GitLab version 13.11 and up before version 14.0.2 allows an attacker to exploit a stored cross-site scripting vulnerability via a specially-crafted markdown.

References

+	https://gitlab.com/gitlab-org/gitlab/-/issues/331051
+	https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22225.json

Notes