BIT-GITLAB-2023-5512 Improper Control of Generation of Code ('Code Injection') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 16.3 before 16.4.4, all versions starting from 16.5 before 16.5.4, all versions starting from 16.6 before 16.6.2. File integrity may be compromised when specific HTML encoding is used for file names leading for incorrect...

PT-2024-1650 · Microsoft · Dynamics 365

Name of the Vulnerable Software and Affected Versions: Microsoft Dynamics 365 affected versions not specified Description: The issue is related to errors in the representation of information by the user interface, which can be exploited by a remote attacker to conduct spoofing attacks...

Code Injection

Gitlab is vulnerable to Code Injection. The vulnerability is caused due to lack of validation of file names. An attacker can inject code which can alter the representation of the UI...

CVE-2023-5512

An issue has been discovered in GitLab CE/EE affecting all versions from 16.3 before 16.4.4, all versions starting from 16.5 before 16.5.4, all versions starting from 16.6 before 16.6.2. File integrity may be compromised when specific HTML encoding is used for file names leading for incorrect...

Design/Logic Flaw

An issue has been discovered in GitLab CE/EE affecting all versions from 16.3 before 16.4.4, all versions starting from 16.5 before 16.5.4, all versions starting from 16.6 before 16.6.2. File integrity may be compromised when specific HTML encoding is used for file names leading for incorrect...

CVE-2023-5512

Removed by vendor...

CVE-2023-5512 Improper Control of Generation of Code ('Code Injection') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 16.3 before 16.4.4, all versions starting from 16.5 before 16.5.4, all versions starting from 16.6 before 16.6.2. File integrity may be compromised when specific HTML encoding is used for file names leading for incorrect...

The vulnerability of Google Chrome’s Picture-in-Picture (PiP) technology, which allows attackers to carry out spoofing attacks

The vulnerability of Google Chrome’s Picture-in-Picture PiP technology is related to information representation errors in the user interface. Exploiting this vulnerability can allow attackers to perform spoofing attacks remotely...

The vulnerability of the RTL Arabic Character Handler component in the Mozilla Firefox browser allows attackers to perform spoofing attacks using a specially created web page.

The vulnerability of the RTL Arabic Character Handler component in the Mozilla Firefox browser is related to information representation errors in the user interface. Exploiting this vulnerability allows a malicious actor to carry out spoofing attacks using a specially created web page...

PT-2020-4773 · Microsoft · Office

Name of the Vulnerable Software and Affected Versions: Microsoft Office affected versions not specified Description: The issue is related to errors in the representation of information by the user interface in Microsoft Office. It may allow a remote attacker to conduct spoofing attacks...