Описание
GitLab has remediated an issue in GitLab EE affecting all versions from 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated user to gain CSRF tokens by exploiting improper input validation in repository references combined with redirect handling weaknesses.
Ссылки
- Release NotesVendor Advisory
- Broken Link
- Permissions Required
Уязвимые конфигурации
Одно из
EPSS
3.1 Low
CVSS3
3.5 Low
CVSS3
Дефекты
Связанные уязвимости
GitLab has remediated an issue in GitLab EE affecting all versions from 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated user to gain CSRF tokens by exploiting improper input validation in repository references combined with redirect handling weaknesses.
GitLab has remediated an issue in GitLab EE affecting all versions fro ...
GitLab has remediated an issue in GitLab EE affecting all versions from 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated user to gain CSRF tokens by exploiting improper input validation in repository references combined with redirect handling weaknesses.
Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связанная с неправильной обработкой данных с кодированием URL, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
3.1 Low
CVSS3
3.5 Low
CVSS3