CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-1401

An issue has been discovered in GitLab DAST scanner affecting all versions starting from 3.0.29 before 4.0.5, in which the DAST scanner leak cross site cookies on redirect during authorization.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 27.7%

CVSS Severity

CVSS v3 Score 5.0

References

https://gitlab.com/gitlab-org/gitlab/-/issues/396533
https://hackerone.com/reports/1889255
https://gitlab.com/gitlab-org/gitlab/-/issues/396533
https://hackerone.com/reports/1889255

Products affected by CVE-2023-1401

Gitlab » Gitlab » Version: 3.0.29

cpe:2.3:a:gitlab:gitlab:3.0.29
Gitlab » Gitlab » Version: 3.1.0

cpe:2.3:a:gitlab:gitlab:3.1.0
Gitlab » Gitlab » Version: 4.0.0

cpe:2.3:a:gitlab:gitlab:4.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-1401

Products

Pricing

Contact Us