Description
An issue has been discovered in GitLab CE/EE affecting all versions before 15.8.5, 15.9.4, 15.10.1. Open redirects were possible due to framing arbitrary content on any page allowing user-controlled markdown.
References
- Third Party Advisory
- Exploit, Third Party Advisory
- Permissions Required
Vulnerable configurations
Configuration 1
One of
- cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* (version up to 15.8.5, excluding)
- cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* (version up to 15.8.5, excluding)
- cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* (version from 15.9, including, up to 15.9.5, excluding)
- cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* (version from 15.9, including, up to 15.9.5, excluding)
- cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* (version from 15.10, including, up to 15.10.1, excluding)
- cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* (version from 15.10, including, up to 15.10.1, excluding)
EPSS: 0.00107 (Low)
Percentile: 29%
CVSS3: 5.4 Medium
Weaknesses: CWE-601
Related vulnerabilities
CVSS3: 5.4
ubuntu
almost 3 years ago
An issue has been discovered in GitLab CE/EE affecting all versions before 15.8.5, 15.9.4, 15.10.1. Open redirects were possible due to framing arbitrary content on any page allowing user-controlled markdown.
CVSS3: 5.4
debian
almost 3 years ago
An issue has been discovered in GitLab CE/EE affecting all versions be ...
CVSS3: 5.4
github
almost 3 years ago
An issue has been discovered in GitLab CE/EE affecting all versions before 15.8.5, 15.9.4, 15.10.1. Open redirects were possible due to framing arbitrary content on any page allowing user-controlled markdown.