The vulnerability of the Git-based software platform for collaborative code development on GitLab EE/CE lies in insufficient data cleansing, which allows attackers to carry out XSS attacks.
The vulnerability of the Git-based software platform for collaborative code development in GitLab EE/CE relates to insufficient cleaning of data provided by users in the Asciidoctor render. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...