Launchpad.net

CVE 2020-7973

GitLab through 12.7.2 allows XSS.

See the CVE page on Mitre.org for more details.