CVE-2023-1965

An issue has been discovered in GitLab EE affecting all versions starting from 14.2 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. Lack of verification on RelayState parameter allowed a maliciously crafted URL to obtain access toke...

PT-2022-2799 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab Enterprise Edition versions 11.10 through 14.9.5 GitLab Enterprise Edition versions 14.10 through 14.10.4 GitLab Enterprise Edition versions 15.0 through 15.0.1 Description: The issue is related to the SCIM feature in GitLab, which can...