Description
An issue has been discovered in GitLab CE/EE affecting all versions before 15.8.5, 15.9.4, 15.10.1. Open redirects were possible due to framing arbitrary content on any page allowing user-controlled markdown.
References
- Third Party Advisory
- Exploit, Third Party Advisory
- Permissions Required
- Third Party Advisory
- Exploit, Third Party Advisory
- Permissions Required
Vulnerable configurations
Configuration 1
One of
- cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* (versions before 15.8.5, exclusive)
- cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* (versions before 15.8.5, exclusive)
- cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* (versions from 15.9, inclusive, to 15.9.5, exclusive)
- cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* (versions from 15.9, inclusive, to 15.9.5, exclusive)
- cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* (versions from 15.10, inclusive, to 15.10.1, exclusive)
- cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* (versions from 15.10, inclusive, to 15.10.1, exclusive)
EPSS: 0.00094 (Low), percentile: 27%
CVSS3: 5.4 Medium
Weaknesses
CWE-601
Related vulnerabilities
CVSS3: 5.4
ubuntu
more than 2 years ago
An issue has been discovered in GitLab CE/EE affecting all versions before 15.8.5, 15.9.4, 15.10.1. Open redirects were possible due to framing arbitrary content on any page allowing user-controlled markdown.
CVSS3: 5.4
debian
more than 2 years ago
An issue has been discovered in GitLab CE/EE affecting all versions be ...
CVSS3: 5.4
github
more than 2 years ago
An issue has been discovered in GitLab CE/EE affecting all versions before 15.8.5, 15.9.4, 15.10.1. Open redirects were possible due to framing arbitrary content on any page allowing user-controlled markdown.