CVE-2022-1948
Description
An issue has been discovered in GitLab affecting all versions starting from 15.0 before 15.0.1. Missing validation of input used in quick actions allowed an attacker to exploit XSS by injecting HTML in contact details.
References
Permissions Required
Vendor Advisory
Permissions Required
CvssV3 impact
Could not find any metrics
CvssV2 impact
Could not find any metrics