CVE-2023-1965|An issue has been discovered in... - VULHUB开源网络安全威胁库

An issue has been discovered in... CVE-2023-1965

- AV AC AU C I A

发布： 2023-05-03

修订： 2023-05-09

CWE-352
linuxnetwork

An issue has been discovered in GitLab EE affecting all versions starting from 14.2 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. Lack of verification on RelayState parameter allowed a maliciously crafted URL to obtain access tokens granted for 3rd party Group SAML SSO logins. This feature isn't enabled by default.

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有3条受影响产品信息

您还没有登录，登录后可查看更多

添加资源
收藏资源
问题反馈

贡献用户

暂无贡献用户

VULHUB ™

An issue has been discovered in... CVE-2023-1965

漏洞利用/PoC

受影响的平台与产品

贡献用户

相关漏洞清单