10 matches found

Tenable Nessus
added 2025/08/14 12:0 a.m. | 5 views

FreeBSD : Gitlab -- vulnerabilities (7bfe6f39-78be-11f0-9d03-2cf05da270f3)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 7bfe6f39-78be-11f0-9d03-2cf05da270f3 advisory. Gitlab reports: Cross-site scripting issue in blob viewer impacts GitLab CE/EE; Cross-site...

CVSS 8.7 | AI score 5.9 | EPSS 0.00097
Exploits: 0 | References: 14

FreeBSD
added 2025/08/13 12:0 a.m. | 5 views

Gitlab -- vulnerabilities

Gitlab reports: Cross-site scripting issue in blob viewer impacts GitLab CE/EE; Cross-site scripting issue in labels impacts GitLab CE/EE; Cross-site scripting issue in Workitem impacts GitLab CE/EE; Improper Handling of Permissions issue in project API impacts GitLab CE/EE; Incorrect Privilege...

CVSS 8.7 | AI score 6.9 | EPSS 0.00097
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 5:7 a.m. | 5 views

CVE-2023-5356

Incorrect authorization checks in GitLab CE/EE from all versions starting from 8.13 before 16.5.6, all versions starting from 16.6 before 16.6.4, all versions starting from 16.7 before 16.7.2, allows a user to abuse slack/mattermost integrations to execute slash commands as another user...

CVSS 8.8 | AI score 7 | EPSS 0.00066
Exploits: 0

Veracode
added 2024/01/24 7:13 p.m. | 28 views

Incorrect Authorization

GitLab CE/EE is vulnerable to Incorrect Authorization. The vulnerability is caused due to incorrect authorization checks in GitLab CE/EE. This can allow a user to abuse slack/mattermost integrations to execute slash commands as another user...

CVSS 8.8 | AI score 6.8 | EPSS 0.00066
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2024/01/12 2:15 p.m. | 0 views

UBUNTU-CVE-2023-5356

Incorrect authorization checks in GitLab CE/EE from all versions starting from 8.13 before 16.5.6, all versions starting from 16.6 before 16.6.4, all versions starting from 16.7 before 16.7.2, allows a user to abuse slack/mattermost integrations to execute slash commands as another user...

CVSS 8.8 | AI score 5.9 | EPSS 0.00066
Exploits: 0 | References: 4

CVE
added 2024/01/12 1:56 p.m. | 76 views

CVE-2023-5356

GitLab CVE-2023-5356 involves incorrect authorization checks in GitLab CE/EE across affected lines: 8.13–16.5.5, 16.6.x before 16.6.4, and 16.7.x before 16.7.2. The flaw allows a user to abuse Slack/Mattermost integrations to execute slash commands as another user. Impact includes potential high ...

CVSS 8.8 | AI score 8.5 | EPSS 0.00066
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2024/01/12 1:56 p.m. | 24 views

CVE-2023-5356 Incorrect Authorization in GitLab

Incorrect authorization checks in GitLab CE/EE from all versions starting from 8.13 before 16.5.6, all versions starting from 16.6 before 16.6.4, all versions starting from 16.7 before 16.7.2, allows a user to abuse slack/mattermost integrations to execute slash commands as another user...

CVSS 7.3 | AI score 8.8 | EPSS 0.00066
Exploits: 0 | References: 2

UbuntuCve
added 2024/01/12 12:0 a.m. | 41 views

CVE-2023-5356

Incorrect authorization checks in GitLab CE/EE from all versions starting from 8.13 before 16.5.6, all versions starting from 16.6 before 16.6.4, all versions starting from 16.7 before 16.7.2, allows a user to abuse slack/mattermost integrations to execute slash commands as another user...

CVSS 8.8 | AI score 7.5 | EPSS 0.00066
Exploits: 0 | References: 3

Positive Technologies
added 2024/01/11 12:0 a.m. | 3 views

PT-2024-1046 · Mattermost +2 · Mattermost +3

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 8.13 through 16.5.6; GitLab CE/EE versions 16.6 through 16.6.4; GitLab CE/EE versions 16.7 through 16.7.2. Description: The issue is related to incorrect authorization checks in GitLab, allowing a user to abuse...

CVSS 8.8 | AI score 7.7 | EPSS 0.00066
Exploits: 0 | References: 38

Tenable Nessus
added 2019/08/12 12:0 a.m. | 13 views

FreeBSD : Gitlab -- Multiple Vulnerabilities (1cd89254-b2db-11e9-8001-001b217b3468)

Gitlab reports : GitHub Integration SSRF Trigger Token Impersonation Build Status Disclosure SSRF Mitigation Bypass Information Disclosure New Issue ID IDOR Label Name Enumeration Persistent XSS Wiki Pages User Revokation Bypass with Mattermost Integration Arbitrary File Upload via Import Project...

AI score 6
Exploits: 0 | References: 2