Site icon API Security Blog

GitLab 11.1 < 17.1.7 / 17.2 < 17.2.5 / 17.3 < 17.3.2 (CVE-2024-4283)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: An issue has been discovered in GitLab EE affecting all versions starting from 11.1 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2. Under certain conditions an open redirect vulnerability could allow for an account takeover by breaking the OAuth flow. (CVE-2024-4283) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version…Read More

Exit mobile version