CVE-2021-39906 - log back

CVE-2021-39906 edited at 28 Oct 2021 15:12:47
Severity
- Unknown
+ High
Remote
- Unknown
+ Remote
Type
- Unknown
+ Cross-site scripting
Description
+ Improper validation of ipynb files in GitLab CE/EE version 13.5 and above allows an attacker to execute arbitrary JavaScript code on the victim's behalf.
References
+ https://about.gitlab.com/releases/2021/10/28/security-release-gitlab-14-4-1-released/
CVE-2021-39906 created at 28 Oct 2021 15:08:24