Cross site request forgery (csrf)

2020-04-0819:15:00

PRIOn knowledge base

www.prio-n.com

0.002 Low

EPSS

Percentile

55.1%

GitLab EE/CE 8.17 to 12.9 is vulnerable to information leakage when querying a merge request widget.

CPENameOperatorVersion
gitlabge8.17.0
gitlable12.9
gitlabge8.17.0
gitlable12.9

Name	Operator	Version
gitlab	ge	8.17.0
gitlab	le	12.9
gitlab	ge	8.17.0
gitlab	le	12.9

References

about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/

about.gitlab.com/releases/categories/releases/

0.002 Low

EPSS

Percentile

55.1%

Related for PRION:CVE-2020-10976