Regression for XSS in User Status
The patch for #55320 (closed) was not included in the 11.7.3 security release. Therefore, since it has been publicly disclosed and we should:
Create a post-deployment patch for
- Include it in the upcoming critical security release.
Original Issue: #55320 (closed)
Security Issue: https://dev.gitlab.org/gitlab/gitlabhq/issues/2786
https://dev.gitlab.org/gitlab/gitlabhq/issues/2786#note_150471 captures why this was missed