2 matches found
GitLab < 13.8.7 (CVE-2021-22202)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all previous versions. If the victim is an admin, it was possible to issue a CSRF in System hooks through the API. CVE-2021-22202 Note that Nessu...
CVE-2021-22202
CVE-2021-22202 affects GitLab CE/EE (all prior versions) where an admin can be CSRF-ed via the API to System hooks. The issue is described across multiple sources (GitLab CVE entries, Red Hat/RH, OSV, Nessus notes, etc.) with the core flaw being CSRF in System hooks through the API when the victi...