PT-2021-14886 · Gitlab · Gitlab

Ngalog · Published 2021-01-15 · Updated 2024-03-06 · CVE-2021-22171

CVSS v3.1: 7.3 (High)
Vector: AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions: GitLab versions 11.5 and later
Description: Insufficient validation of authentication parameters in GitLab Pages allows an attacker to steal a victim's API token if the victim clicks on a maliciously crafted link.
Recommendations: For GitLab versions 11.5 and later, update to a version that includes the fix for this issue to prevent API token theft. As a temporary workaround, consider restricting access to GitLab Pages until the issue is resolved. Avoid clicking on suspicious links to minimize the risk of exploitation.

Fix

Weakness Enumeration

Improper Authentication

Related Identifiers

BIT-GITLAB-2021-22171
CVE-2021-22171

Affected Products

Gitlab