VYPR
Unrated severityNVD Advisory· Published Mar 8, 2023· Updated Mar 12, 2025

CVE-2022-4007

CVE-2022-4007

Description

A issue has been discovered in GitLab CE/EE affecting all versions from 15.3 prior to 15.7.8, version 15.8 prior to 15.8.4, and version 15.9 prior to 15.9.2 A cross-site scripting vulnerability was found in the title field of work items that allowed attackers to perform arbitrary actions on behalf of victims at client side.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • GitLab Inc./GitLabllm-fuzzy2 versions
    <15.7.8 || >=15.8 <15.8.4 || >=15.9 <15.9.2+ 1 more
    • (no CPE)range: <15.7.8 || >=15.8 <15.8.4 || >=15.9 <15.9.2
    • (no CPE)range: >=15.3, <15.7.8
  • osv-coords
    Range: >= 15.3.0, < 15.7.8

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.