Stored XSS in Notes (with CSP bypass for gitlab.com) - Cache invalidation
We resolved #353370 (closed) by sanitising the user-provided input before rendering it, but as noted in #353370 (comment 899460658) we didn't invalidate existing cached fields that can contain vulnerable rendered HTML.
Related to Stored XSS in Notes (with CSP bypass for gitlab... (#353370 - closed)
Edited by Sincheol (David) Kim
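
The gap described above, modelled as an added example that is not GitLab's code: a rendered-HTML cache stamped with the renderer version, so rows rendered before a sanitising fix are treated as stale. All names (`RENDER_VERSION`, `note_html`, `cached_version`) and the sample rows are assumptions constructed for illustration.

```ruby
# Hypothetical names throughout; a model of the problem, not GitLab's implementation.
RENDER_VERSION = 2 # assumed scheme: bumped when the sanitising fix shipped
ESCAPES = { "&" => "&amp;", "<" => "&lt;", ">" => "&gt;",
            '"' => "&quot;", "'" => "&#39;" }.freeze

# Stand-in for the fixed renderer: escapes user-provided markup before output.
def render(raw)
  escaped = raw.gsub(/[&<>"']/, ESCAPES)
  "<p>#{escaped}</p>"
end

# A cached field is trusted only if the current renderer produced it.
def stale?(record)
  record[:note_html].nil? || record[:cached_version] != RENDER_VERSION
end

# Read path: re-render stale rows instead of serving the old HTML.
def html_for(record)
  if stale?(record)
    record[:note_html] = render(record[:note])
    record[:cached_version] = RENDER_VERSION
  end
  record[:note_html]
end

# Batch path: clear caches written before the fix, so no row relies on
# being read through html_for before its old HTML is served elsewhere.
def invalidate_stale!(records)
  stale = records.select { |r| stale?(r) }
  stale.each { |r| r[:note_html] = nil; r[:cached_version] = nil }
  stale.size
end

# Constructed sample rows: one cached before the fix, one after.
def sample_records
  payload = '<img src=x onerror="alert(1)">'
  [
    { id: 1, note: payload, note_html: "<p>#{payload}</p>", cached_version: 1 },
    { id: 2, note: "hello", note_html: "<p>hello</p>", cached_version: 2 }
  ]
end

if __FILE__ == $PROGRAM_NAME
  records = sample_records
  puts "invalidated: #{invalidate_stale!(records)}"
  records.each { |r| puts "#{r[:id]}: #{html_for(r)}" }
end
```

Without the version check, row 1 keeps serving the unsanitised HTML stored before the fix even though `render` itself is now safe.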