10 matches found
EUVD-2022-42718
Malicious code in bioql PyPI...
CVE-2022-3331
An issue has been discovered in GitLab EE affecting all versions starting from 14.5 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. GitLab's Zentao integration has an insecure direct object reference vulnerability that may be exploited ...
Design/Logic Flaw
An issue has been discovered in GitLab EE affecting all versions starting from 14.5 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. GitLab's Zentao integration has an insecure direct object reference vulnerability that may be exploited ...
CVE-2022-3331
An issue has been discovered in GitLab EE affecting all versions starting from 14.5 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. GitLab's Zentao integration has an insecure direct object reference vulnerability that may be exploited ...
CVE-2022-3331
An issue has been discovered in GitLab EE affecting all versions starting from 14.5 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. GitLab's Zentao integration has an insecure direct object reference vulnerability that may be exploited ...
PT-2022-21762 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 14.5 through 15.1.5 GitLab EE versions 15.2 through 15.2.3 GitLab EE versions 15.3 through 15.3.1 Description: An issue has been discovered in GitLab EE's Zentao integration, which has an insecure direct object reference th...
GitLab 安全漏洞
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. A security vulnerability exists in GitLab CE/EE versions 14.5 through 15.1.6,...
CVE-2022-3331
An issue has been discovered in GitLab EE affecting all versions starting from 14.5 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. GitLab's Zentao integration has an insecure direct object reference vulnerability that may be exploited ...
CVE-2022-3331
An issue has been discovered in GitLab EE affecting all versions starting from 14.5 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. GitLab's Zentao integration has an insecure direct object reference vulnerability that may be exploited ...
GitLab: XSS in ZenTao integration affecting self hosted instances without strict CSP
Summary The ZenTao issue integration premium feature is susceptible to an XSS attack by delivering modified API responses to GitLab. This is related and similar to my report https://hackerone.com/reports/1533976 but this time affecting the ZenTao integration. A user can create a project and...