CVE-2021-22227 - log back

CVE-2021-22227 created at 06 Jul 2021 17:46:39
Severity
+ Medium
Remote
+ Remote
Type
+ Cross-site scripting
Description
+ A reflected cross-site script vulnerability in GitLab before version 14.0.2 allowed an attacker to send a malicious link to a victim and trigger actions on their behalf if they clicked it.
References
+ https://gitlab.com/gitlab-org/gitlab/-/issues/212887
+ https://hackerone.com/reports/834555
+ https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22227.json
Notes