CVE-2021-22241 log

Severity High
Remote Yes
Type Cross-site scripting
An issue has been discovered in GitLab affecting all versions starting from 13.4 and before 14.1.2. It was possible to exploit a stored cross-site-scripting via a specifically crafted default branch name.
Group Package Affected Fixed Severity Status Ticket
AVG-2251 gitlab 14.1.1-1 14.1.2-1 High Fixed
Date Advisory Group Package Severity Type
10 Aug 2021 ASA-202108-7 AVG-2251 gitlab High multiple issues