exploitDog

GHSA-p66q-2x4m-xxx9

Опубликовано: 16 апр. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is Cross Site Request Forgery (CSRF) in the Slack integration for issuing slash commands.

An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is Cross Site Request Forgery (CSRF) in the Slack integration for issuing slash commands.

Ссылки

EPSS

Процентиль: 25%

0.00082

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2018-17451

CVSS3: 8.8

ubuntu

около 2 лет назад

An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is Cross Site Request Forgery (CSRF) in the Slack integration for issuing slash commands.

CVE-2018-17451

CVSS3: 8.8

nvd

около 2 лет назад

An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is Cross Site Request Forgery (CSRF) in the Slack integration for issuing slash commands.

CVE-2018-17451

CVSS3: 8.8

debian

около 2 лет назад

An issue was discovered in GitLab Community and Enterprise Edition bef ...

EPSS

Процентиль: 25%

0.00082

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352