CVE-2021-22196

🗓️ 02 Apr 2021 16:14:37Reported by GitLabType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 48 Views

Issue in GitLab CE/EE allowing stored cross-site-scripting in merge request

Reporter	Title	Published	Views	Family All 15
CNNVD	GitLab 跨站脚本漏洞	2 Apr 202100:00	–	cnnvd
Cvelist	CVE-2021-22196	2 Apr 202116:14	–	cvelist
Debian CVE	CVE-2021-22196	2 Apr 202116:14	–	debiancve
EUVD	EUVD-2021-9342	3 Oct 202520:07	–	euvd
Tenable Nessus	GitLab 13.4 < 13.8.7 / 13.9 < 13.9.5 / 13.10 < 13.10.1 (CVE-2021-22196)	3 Jan 202400:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2021-22196	27 Aug 202500:00	–	nessus
NVD	CVE-2021-22196	2 Apr 202117:15	–	nvd
OSV	BIT-GITLAB-2021-22196	6 Mar 202411:20	–	osv
OSV	CVE-2021-22196	2 Apr 202117:15	–	osv
OSV	UBUNTU-CVE-2021-22196	2 Apr 202117:15	–	osv

NVD

Vulners

Node

gitlab gitlabRange13.4.0–13.8.7community

gitlab gitlabRange13.4.0–13.8.7enterprise

gitlab gitlabRange13.9.0–13.9.5community

gitlab gitlabRange13.9.0–13.9.5enterprise

gitlab gitlabRange13.10.0–13.10.1community

gitlab gitlabRange13.10.0–13.10.1enterprise

[
  {
    "product": "GitLab",
    "vendor": "GitLab",
    "versions": [
      {
        "status": "affected",
        "version": ">=13.4, <13.8.7"
      },
      {
        "status": "affected",
        "version": ">=13.9, <13.9.5"
      },
      {
        "status": "affected",
        "version": ">=13.10, <13.10.1"
      }
    ]
  }
]

Source	Link
gitlab	www.gitlab.com/gitlab-org/gitlab/-/issues/254710
hackerone	www.hackerone.com/reports/977697
gitlab	www.gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22196.json

21 Nov 2024 05:49Current

4.9Medium risk

Vulners AI Score4.9

CVSS 23.5

CVSS 3.15.4 - 6.3

EPSS0.00191

CWE-79

cve-2021-22196 gitlab ce ee stored cross-site-scripting merge request