6 matches found
GHSA-GQX9-H3W2-FPRG Gitpod vulnerable to Cross-site Scripting
Gitpod before 2022.11.3 allows XSS because redirection can occur for some protocols outside of the trusted set of three vscode: vscode-insiders: jetbrains-gateway:...
CVE-2023-32766
Gitpod before 2022.11.3 allows XSS because redirection can occur for some protocols outside of the trusted set of three vscode: vscode-insiders: jetbrains-gateway:...
CVE-2023-32766
Gitpod before 2022.11.3 allows XSS because redirection can occur for some protocols outside of the trusted set of three vscode: vscode-insiders: jetbrains-gateway:...
Cross site scripting
Gitpod before 2022.11.3 allows XSS because redirection can occur for some protocols outside of the trusted set of three vscode: vscode-insiders: jetbrains-gateway:...
Gitpod 跨站脚本漏洞
Gitpod is an open source Kubernetes application for automated and ready-to-use code development environments that can be integrated into your existing workflow. A security vulnerability exists in Gitpod versions prior to 2022.11.3, which stems from the presence of a cross-site scripting XSS...
PT-2023-24012 · Gitpod · Gitpod
Name of the Vulnerable Software and Affected Versions: Gitpod versions prior to 2022.11.3 Description: The issue allows for XSS because redirection can occur for some protocols outside of the trusted set of three, which includes vscode:, vscode-insiders:, and jetbrains-gateway:. Recommendations:...