The host is installed with GitLab CE/EE 8.13 before 14.10.5, 15.0 before 15.0.4 or 15.1 before 15.1.1 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle issues in unspecified vectors. On successful exploitation, under certain conditions, using the REST API an unprivileged user was able to change labels description.