Lukas Eipert

**Name of the Vulnerable Software and Affected Versions** GitLab CE/EE versions 16.0 through 16.3.5 GitLab CE/EE versions 16.4 through 16.4.1 GitLab CE/EE versions 16.5.0 **Description** An issue has been discovered in GitLab CE/EE which may unintentionally disclose GitLab version metadata to unauthorized actors. This issue affects versions with the `super sidebar logged out` feature flag enabled. **Recommendations** For versions 16.0 through 16.3.5, update to version 16.3.6 or later to resolve the issue. For versions 16.4 through 16.4.1, update to version 16.4.2 or later to resolve the issue. For version 16.5.0, update to version 16.5.1 or later to resolve the issue. As a temporary workaround, consider disabling the `super sidebar logged out` feature flag until a patch is available.

**Name of the Vulnerable Software and Affected Versions** GitLab Community and Enterprise Edition versions prior to 11.2.7 GitLab Community and Enterprise Edition versions 11.3.x prior to 11.3.8 GitLab Community and Enterprise Edition versions 11.4.x prior to 11.4.3 **Description** An issue was discovered that has XSS. **Recommendations** For versions prior to 11.2.7, update to version 11.2.7 or later. For versions 11.3.x prior to 11.3.8, update to version 11.3.8 or later. For versions 11.4.x prior to 11.4.3, update to version 11.4.3 or later.