Andor404

**Name of the Vulnerable Software and Affected Versions** GitLab CE versions prior to 13.11.6 GitLab CE versions prior to 13.12.6 GitLab CE versions prior to 14.0.2 **Description** The issue is related to insufficient neutralization of special elements in a request, allowing a remote attacker to impact data integrity. HTML injection was possible via the `full name` field. **Recommendations** For versions prior to 13.11.6, update to version 13.11.6 or later. For versions prior to 13.12.6, update to version 13.12.6 or later. For versions prior to 14.0.2, update to version 14.0.2 or later.