6.9 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
27.6%
Improper neutralization of input in Jira integration configuration in GitLab CE/EE, affecting all versions from 15.10 prior to 16.6.1, 16.5 prior to 16.5.3, and 16.4 prior to 16.4.3 allows attacker to execute javascript in victim’s browser.
gitlab.com/gitlab-org/gitlab/-/issues/431201
hackerone.com/reports/2236039