PT-2023-16958 · Gitlab · Gitlab Dast Api Scanner
Joaxcaron · Published 2023-07-26 · Updated 2024-10-08 · CVE-2023-1401
CVSS v3.1: 5.0 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions
GitLab DAST scanner versions 3.0.29 through 4.0.5
Description
An issue has been discovered in the GitLab DAST scanner where it leaks cross-site cookies on redirect during authorization.
Recommendations
For versions 3.0.29 through 4.0.5, update to version 4.0.5 or later to resolve the issue.
Affected Products
Gitlab
Gitlab Dast Api Scanner