The version of GitLab installed on the remote host is 15.5 prior to 15.7.8, 15.8.4, 15.9.2. It is, therefore, affected by a vulnerability as referenced in the SECURITY-RELEASE-GITLAB-15-9-2-RELEASED advisory.
– An issue has been discovered in GitLab affecting all versions starting from 15.5 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. Non-project members could retrieve release descriptions via the API, even if the release visibility is restricted to project members only in the project settings. This is a medium severity issue (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N, 5.3). It is now mitigated in the latest release and is assigned CVE-2023-0223. (CVE-2023-0223)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.Read More

