An issue has been discovered in GitLab affecting all versions starting from 4.1 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 where it was possible to create a URL that would redirect to a different project.
References
Link | Resource |
---|---|
https://gitlab.com/gitlab-org/gitlab/-/issues/395437 | Broken Link |
https://hackerone.com/reports/1889230 | Permissions Required |
Configurations
Configuration 1 (hide)
|
History
07 Sep 2023, 17:15
Type | Values Removed | Values Added |
---|---|---|
First Time |
Gitlab gitlab
Gitlab |
|
References | (MISC) https://gitlab.com/gitlab-org/gitlab/-/issues/395437 - Broken Link | |
References | (MISC) https://hackerone.com/reports/1889230 - Permissions Required | |
CPE | cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:community:*:*:* cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:enterprise:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
CWE | CWE-601 |
01 Sep 2023, 11:47
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-09-01 11:15
Updated : 2023-12-10 15:14
NVD link : CVE-2023-1279
Mitre link : CVE-2023-1279
CVE.ORG link : CVE-2023-1279
JSON object : View
Products Affected
gitlab
- gitlab