CVE-2022-1948

Published July 28th, 2022

View on NVD ↗

CVSS v3

8.7

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

An issue has been discovered in GitLab affecting all versions starting from 15.0 before 15.0.1. Missing validation of input used in quick actions allowed an attacker to exploit XSS by injecting HTML in contact details.

gitlab-org/cves

This project hosts the CVEs that have been assigned by GitLab in its role as a CNA. See https://about.gitlab.com/security/cve/ for more information

GitLab