Unrated severityNVD Advisory· Published Mar 8, 2023· Updated Mar 12, 2025
CVE-2022-4007
CVE-2022-4007
Description
A issue has been discovered in GitLab CE/EE affecting all versions from 15.3 prior to 15.7.8, version 15.8 prior to 15.8.4, and version 15.9 prior to 15.9.2 A cross-site scripting vulnerability was found in the title field of work items that allowed attackers to perform arbitrary actions on behalf of victims at client side.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3<15.7.8 || >=15.8 <15.8.4 || >=15.9 <15.9.2+ 1 more
- (no CPE)range: <15.7.8 || >=15.8 <15.8.4 || >=15.9 <15.9.2
- (no CPE)range: >=15.3, <15.7.8
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.