← Back to CVE List
CVE-2021-22223
Client-Side code injection through Feature Flag name in GitLab CE/EE starting with 11.9 allows a specially crafted feature flag name to PUT requests on behalf of other users via clicking on a link
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt