exploitDog

GHSA-rvcw-fpwr-r263

Опубликовано: 19 янв. 2022

Источник: github

Github: Не прошло ревью

Описание

Improper neutralization of user input in GitLab CE/EE versions 14.3 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed an attacker to exploit XSS by abusing the generation of the HTML code related to emojis

Improper neutralization of user input in GitLab CE/EE versions 14.3 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed an attacker to exploit XSS by abusing the generation of the HTML code related to emojis

Ссылки

EPSS

Процентиль: 87%

0.03533

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2021-39946

CVSS3: 8.7

ubuntu

больше 3 лет назад

Improper neutralization of user input in GitLab CE/EE versions 14.3 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed an attacker to exploit XSS by abusing the generation of the HTML code related to emojis

CVE-2021-39946

CVSS3: 8.7

nvd

больше 3 лет назад

Improper neutralization of user input in GitLab CE/EE versions 14.3 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed an attacker to exploit XSS by abusing the generation of the HTML code related to emojis

CVE-2021-39946

CVSS3: 8.7

debian

больше 3 лет назад

Improper neutralization of user input in GitLab CE/EE versions 14.3 to ...

EPSS

Процентиль: 87%

0.03533

Низкий

CVE ID

Дефекты

CWE-79