CVE-2022-3572 - Gitlab Gitlab

Moderate 6.1

A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions from 13.5 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. It was possible to exploit a vulnerability in setting the Jira Connect integration which could lead to a reflected XSS that allowed attackers to perform arbitrary actions on behalf of victims.

Affected software

Gitlab Gitlab

Reference links

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.