Headline
CVE-2022-3572: 2022/CVE-2022-3572.json · master · GitLab.org / cves · GitLab
A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions from 13.5 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. It was possible to exploit a vulnerability in setting the Jira Connect integration which could lead to a reflected XSS that allowed attackers to perform arbitrary actions on behalf of victims.
Skip to content
GitLab
Next
- GitLab: the DevOps platform
- Explore GitLab
- Install GitLab
- How GitLab compares
- Get started
- GitLab docs
- GitLab Learn
Pricing
Talk to an expert
/
Help
Help
Support
Community forum
Submit feedback
Contribute to GitLab
Projects Groups Snippets
Sign up now
Login
Sign in / Register
- GitLab.org
- cves
- Repository
Switch branch/tag
- cves
- 2022
- CVE-2022-3572.json
Find file BlameHistoryPermalink
Publishing 0 updated advisories and 2 new advisories · 8e57563a
🤖 GitLab Bot 🤖 authored Jan 20, 2023
8e57563a