CVE-2022-1433 log
| Source |
|
| Severity | Low |
| Remote | Unknown |
| Type | Unknown |
| Description | Missing invalidation of Markdown caching causes potential payloads from a previously exploitable XSS vulnerability (CVE-2022-1175) to persist and execute in all GitLab versions starting from 14.4 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-2696 | gitlab | 14.10-1 | 14.10.2-1 | High | Fixed |