Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2022-0427

Missing sanitization of HTML attributes in Jupyter notebooks in all versions of GitLab CE/EE since version 14.5 allows an attacker to perform arbitrary HTTP POST requests on a user's behalf leading to potential account takeover
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 31.8%
CVSS Severity
CVSS v3 Score 7.7
CVSS v2 Score 6.8
Products affected by CVE-2022-0427
  • Gitlab » Gitlab » Version: 14.5
    cpe:2.3:a:gitlab:gitlab:14.5
  • Gitlab » Gitlab » Version: 14.5.0
    cpe:2.3:a:gitlab:gitlab:14.5.0
  • Gitlab » Gitlab » Version: 14.5.1
    cpe:2.3:a:gitlab:gitlab:14.5.1
  • Gitlab » Gitlab » Version: 14.5.2
    cpe:2.3:a:gitlab:gitlab:14.5.2
  • Gitlab » Gitlab » Version: 14.5.3
    cpe:2.3:a:gitlab:gitlab:14.5.3
  • Gitlab » Gitlab » Version: 14.6
    cpe:2.3:a:gitlab:gitlab:14.6
  • Gitlab » Gitlab » Version: 14.6.0
    cpe:2.3:a:gitlab:gitlab:14.6.0
  • Gitlab » Gitlab » Version: 14.6.1
    cpe:2.3:a:gitlab:gitlab:14.6.1
  • Gitlab » Gitlab » Version: 14.6.2
    cpe:2.3:a:gitlab:gitlab:14.6.2
  • Gitlab » Gitlab » Version: 14.6.3
    cpe:2.3:a:gitlab:gitlab:14.6.3
  • Gitlab » Gitlab » Version: 14.7.0
    cpe:2.3:a:gitlab:gitlab:14.7.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved