Lucene search
PRIOn knowledge basePRION:CVE-2022-3573HistoryJan 12, 2023 - 4:15 a.m.
Input validation
2023-01-1204:15:00
PRIOn knowledge base
www.prio-n.com
2
gitlab ce/ee
version 15.4
version 15.5.7
version 15.6
version 15.6.4
version 15.7
version 15.7.2
javascript execution
query parameters
wiki changes
improper filtering
self-hosted instances
strict csp
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. Due to the improper filtering of query parameters in the wiki changes page, an attacker can execute arbitrary JavaScript on the self-hosted instances running without strict CSP.
Related
ubuntucve
ubuntucve
CVE-2022-3573
2023-01-12 00:00:00
cve
cve
CVE-2022-3573
2023-01-12 04:15:08
debiancve
debiancve
CVE-2022-3573
2023-01-12 04:15:08
osv
osv
CVE-2022-3573
2023-01-12 04:15:08
BIT-gitlab-2022-3573
2024-03-06 11:14:03
cvelist
cvelist
CVE-2022-3573
2023-01-12 00:00:00
nessus
nessus
GitLab < 15.5.7 / 15.6 < 15.6.4 / 15.7 < 15.7.2 XSS (CVE-2022-3573)
2023-02-08 00:00:00
GitLab 15.4 < 15.5.7 / 15.6 < 15.6.4 / 15.7 < 15.7.2 (CVE-2022-3573)
2024-01-03 00:00:00
nvd
nvd
CVE-2022-3573
2023-01-12 04:15:08
veracode
veracode
Cross-site Scripting (XSS)
2023-07-23 18:48:20
freebsd
freebsd
Gitlab -- Multiple Vulnerabilities
2023-01-09 00:00:00