VYPR
Unrated severityNVD Advisory· Published Jul 6, 2021· Updated Aug 3, 2024

CVE-2021-22223

CVE-2021-22223

Description

Client-Side code injection through Feature Flag name in GitLab CE/EE starting with 11.9 allows a specially crafted feature flag name to PUT requests on behalf of other users via clicking on a link

Affected products

3

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.