Unrated severityNVD Advisory· Published Apr 5, 2023· Updated Feb 11, 2025
CVE-2022-3513
CVE-2022-3513
Description
An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A specially crafted payload could lead to a reflected XSS on the client side which allows attackers to perform arbitrary actions on behalf of victims on self-hosted instances running without strict CSP.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3>=12.8, <15.8.5; >=15.9, <15.9.4; >=15.10, <15.10.1+ 1 more
- (no CPE)range: >=12.8, <15.8.5; >=15.9, <15.9.4; >=15.10, <15.10.1
- (no CPE)range: >=12.8, <15.8.5
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.