CVE-2021-22208
MEDIUMGitLab 13.5.0-13.9.7 - Unauthenticated Issue Timestamp Manipulation
Title source: llmDescription
An issue has been discovered in GitLab affecting versions starting with 13.5 up to 13.9.7. Improper permission check could allow the change of timestamp for issue creation or update.
References (2)
Core 2
Core References
Broken Link x_refsource_misc
https://gitlab.com/gitlab-org/gitlab/-/issues/301212
Vendor Advisory x_refsource_confirm
https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22208.json
Scores
CVSS v3
4.3
EPSS
0.0018
EPSS Percentile
39.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Details
Status
published
Products (1)
gitlab/gitlab
13.5.0 - 13.9.7 (2 CPE variants)
Published
May 06, 2021
Tracked Since
Feb 18, 2026