---

CVE-2021-22238 - log back

CVE-2021-22238 edited at 31 Aug 2021 18:57:13
References	https://about.gitlab.com/releases/2021/08/31/security-release-gitlab-14-2-2-released/#stored-xss-in-markdown-via-the-design-reference + https://gitlab.com/gitlab-org/gitlab/-/issues/332420 + https://hackerone.com/reports/1212067

CVE-2021-22238 edited at 31 Aug 2021 18:51:25
Severity	- Unknown + Medium
Remote	- Unknown + Remote
Type	- Unknown + Cross-site scripting
Description	+ An issue has been discovered in GitLab affecting all versions starting with 13.3. GitLab was vulnerable to a stored cross-site scripting (XSS) attack by using the design feature in issues.
References	+ https://about.gitlab.com/releases/2021/08/31/security-release-gitlab-14-2-2-released/#stored-xss-in-markdown-via-the-design-reference
Notes

CVE-2021-22238 created at 31 Aug 2021 18:50:20