cvedb.io
CVE-2022-4007
MEDIUM · CVSS 5.4
EPSS exploitation probability: 0%
Published 2023-03-08T23:15:10.817 · Last modified 2026-06-17T05:19:44.390

Summary

An issue has been discovered in GitLab CE/EE affecting all versions from 15.3 prior to 15.7.8, version 15.8 prior to 15.8.4, and version 15.9 prior to 15.9.2. A cross-site scripting vulnerability was found in the title field of work items that allowed attackers to perform arbitrary actions on behalf of victims on the client side.

Affected products

gitlab — gitlab


This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.