CVE-2021-39885 log

Severity High
Remote Yes
Type Cross-site scripting
A Stored cross-site scripting security issue in merge request creation page in Gitlab EE version 13.5 and above allows an attacker to execute arbitrary JavaScript code on the victim's behalf via malicious approval rule names.
Group Package Affected Fixed Severity Status Ticket
AVG-2432 gitlab 14.3.0-1 High Not affected