GitLab 9.3 < 13.11.6 / 13.12 < 13.12.6 / 14.0 < 14.0.2 (CVE-2021-22230)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Improper code rendering while rendering merge requests could be exploited to submit malicious code. This vulnerability affects GitLab CE/EE 9.3 and later through 13.11.6, 13.12.6, and 14.0.2...

Code Injection

gitlab is vulnerable to Code Injection. The vulnerability exists due to the improper code rendering while rendering merge requests, which allows an attacker to inject and execute malicious code...