This indicates an attack attempt to exploit a Cross-Site Scripting Vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE).
The vulnerability is due to improper input validation of the default branch name. A remote, authenticated attacker can exploit this vulnerability by sending a crafted request to the target system. Successful exploitation could result in the execution of script code in the security context of a target users browser.
GitLab GitLab Community Edition (CE) and Enterprise Edition (EE) prior to 14.0.7
GitLab GitLab Community Edition (CE) and Enterprise Edition (EE) prior to 14.1.2
System Compromise: Remote attackers can execute arbitrary script code in the context of the affected application.
Apply the most recent upgrade or patch from the vendor.