A crafted tag in the Jupyter Notebook viewer in GitLab EE/CE affecting all versions before 15.1.6, 15.2 to 15.2.4, and 15.3 to 15.3.2 allows an attacker to issue arbitrary HTTP requests
Credits
Thanks [yvvdwf](https://hackerone.com/yvvdwf) for reporting this vulnerability through our HackerOne bug bounty program
