gitlab is vulnerable to Authorization Bypasses. This vulnerability occurs due to a flaw in the way that GitLab handles GraphQL mutations. An attacker can exploit this vulnerability to perform Git acti ...
August 12, 2023
gitlab is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability exists in the GraphQL API, allowing an attacker to call mutations as the victim ...
August 12, 2023
gitlab is vulnerable to Information Disclosure. This vulnerability occurs due to a flaw in the way that GitLab handles GraphQL queries. An attacker can exploit this vulnerability to access project det ...
August 12, 2023
gitlab is vulnerable to Improper Authorization. The vulnerability exists due to improper access to some particular fields through the GraphQL API which allows an attacker to perform unauthorized actio ...
August 11, 2023
gitlab is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the lack of length validation of the library, which allows an attacker to create a large Issue description via GraphQL, ...
August 10, 2023
## Summary: By tampering with the POST request to the endpoint CreateOrUpdateSo5LineupMutation while editing a team you can change all football players to have the captain attribute to 'true'. This g ...
August 02, 2023
As part of **Checkmarx's mission** to help organizations develop and dep ...
July 28, 2023
directus is vulnerable to Improper Permission Checks. The vulnerability exists because the permission filters such as `user_created IS $CURRENT_USER` are not properly checked in the library when using ...
July 28, 2023