Vulnerability Details CVE-2021-22225
Insufficient input sanitization in markdown in GitLab version 13.11 and up allows an attacker to exploit a stored cross-site scripting vulnerability via specially crafted markdown.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.1%
CVSS Severity
CVSS v3 Score 4.7
CVSS v2 Score 3.5
Products affected by CVE-2021-22225
- cpe:2.3:a:gitlab:gitlab:13.11.3
- cpe:2.3:a:gitlab:gitlab:13.11.4
- cpe:2.3:a:gitlab:gitlab:13.11.5
- cpe:2.3:a:gitlab:gitlab:13.12.0
- cpe:2.3:a:gitlab:gitlab:13.12.1
- cpe:2.3:a:gitlab:gitlab:13.12.2
- cpe:2.3:a:gitlab:gitlab:13.12.3
- cpe:2.3:a:gitlab:gitlab:13.12.4
- cpe:2.3:a:gitlab:gitlab:13.12.5
- cpe:2.3:a:gitlab:gitlab:14.0.0
- cpe:2.3:a:gitlab:gitlab:14.0.1