Malicious code in gitlab-accountid (npm)

The package communicates with a domain associated with malicious activity...

PT-2022-12999 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions 7.7 through 14.4.4 GitLab versions 14.5.0 through 14.5.2 GitLab versions 14.6.0 through 14.6.1 Description: The issue allows a malicious user to perform a Cross-Site Request Forgery attack, enabling them to import their GitHub...