Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2021-39946

Improper neutralization of user input in GitLab CE/EE versions 14.3 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed an attacker to exploit XSS by abusing the generation of the HTML code related to emojis
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.1%
CVSS Severity
CVSS v3 Score 8.7
CVSS v2 Score 3.5
Products affected by CVE-2021-39946
  • Gitlab » Gitlab » Version: 14.3.0
    cpe:2.3:a:gitlab:gitlab:14.3.0
  • Gitlab » Gitlab » Version: 14.3.1
    cpe:2.3:a:gitlab:gitlab:14.3.1
  • Gitlab » Gitlab » Version: 14.3.2
    cpe:2.3:a:gitlab:gitlab:14.3.2
  • Gitlab » Gitlab » Version: 14.3.3
    cpe:2.3:a:gitlab:gitlab:14.3.3
  • Gitlab » Gitlab » Version: 14.3.4
    cpe:2.3:a:gitlab:gitlab:14.3.4
  • Gitlab » Gitlab » Version: 14.3.5
    cpe:2.3:a:gitlab:gitlab:14.3.5
  • Gitlab » Gitlab » Version: 14.4.0
    cpe:2.3:a:gitlab:gitlab:14.4.0
  • Gitlab » Gitlab » Version: 14.4.1
    cpe:2.3:a:gitlab:gitlab:14.4.1
  • Gitlab » Gitlab » Version: 14.4.2
    cpe:2.3:a:gitlab:gitlab:14.4.2
  • Gitlab » Gitlab » Version: 14.4.3
    cpe:2.3:a:gitlab:gitlab:14.4.3
  • Gitlab » Gitlab » Version: 14.5
    cpe:2.3:a:gitlab:gitlab:14.5
  • Gitlab » Gitlab » Version: 14.5.0
    cpe:2.3:a:gitlab:gitlab:14.5.0
  • Gitlab » Gitlab » Version: 14.5.1
    cpe:2.3:a:gitlab:gitlab:14.5.1


Products
Pricing
Contact Us

Shodan ® - All rights reserved