An issue has been discovered in GitLab EE affecting all versions starting from 15.6 before 15.6.1. It was possible to create a malicious README page due to improper neutralisation of user supplied input.
{ "cpes": [ "cpe:2.3:a:gitlab:gitlab:15.6.0:*:*:*:community:*:*:*", "cpe:2.3:a:gitlab:gitlab:15.6.0:*:*:*:enterprise:*:*:*", "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*", "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*" ], "severity": "Medium" }