CVE-2021-22238 log

Source
Severity Medium
Remote Yes
Type Cross-site scripting
Description
An issue has been discovered in GitLab affecting all versions starting with 13.3. GitLab was vulnerable to a stored cross-site scripting (XSS) attack by using the design feature in issues.
Group Package Affected Fixed Severity Status Ticket
AVG-2335 gitlab 14.2.1-1 14.2.2-1 Medium Fixed
References
https://about.gitlab.com/releases/2021/08/31/security-release-gitlab-14-2-2-released/#stored-xss-in-markdown-via-the-design-reference
https://gitlab.com/gitlab-org/gitlab/-/issues/332420
https://hackerone.com/reports/1212067