The host is installed with GitLab CE/EE 11.3.4 before 15.1.5, 15.2 before 15.2.3 or 15.3 before 15.3.1 and is prone to a remote command execution vulnerability. A flaw is present in the application, which fails to properly validate the input within the Import from GitHub API endpoint. Successful exploitation allows an authenticated remote attacker to pass specially crafted data to the application and execute arbitrary commands on the target system.