The host is installed with GitLab CE/EE 15.0 before 15.0.1 and is prone to an cross-Site scripting vulnerability. A flaw is present in the application, which fails to validate the input used in quick actions. Successful exploitation allows attackers to exploit XSS.