5 matches found
CVE-2021-22171
Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ allows an attacker to steal a victim's API token if they click on a maliciously crafted link...
GitLab 11.5.0 < 13.5.6 / 13.6.0 < 13.6.4 / 13.7.0 < 13.7.2 (CVE-2021-22171)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ allows an attacker to steal a victim's API token if they click on a maliciously crafted link CVE-2021-22171 Note...
CVE-2021-22171
GitLab CVE-2021-22171 affects GitLab Pages in GitLab 11.5 and later. The root cause is insufficient validation of authentication parameters, enabling an attacker to steal a victim’s API token when the user clicks a maliciously crafted link. Documents consistently describe this vector as the impac...
CVE-2021-22171
Removed by vendor...
[ASA-202101-10] gitlab: multiple issues
Arch Linux Security Advisory ASA-202101-10 ========================================== Severity: High Date : 2021-01-12 CVE-ID : CVE-2020-26414 CVE-2021-22166 CVE-2021-22167 CVE-2021-22168 CVE-2021-22171 Package : gitlab Type : multiple issues Remote : Yes Link :...