An issue has been discovered in GitLab DAST analyzer affecting all versions starting from 1.47 before 3.0.51, which sends custom request headers in redirects.
References
Link | Resource |
---|---|
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4317.json | Vendor Advisory |
https://gitlab.com/gitlab-org/gitlab/-/issues/384997 | Exploit Vendor Advisory |
https://hackerone.com/reports/1767533 | Permissions Required |
Configurations
Configuration 1 (hide)
|
Information
Published : 2023-03-09 12:15
Updated : 2023-03-15 09:36
NVD link : CVE-2022-4317
Mitre link : CVE-2022-4317
JSON object : View
CWE
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
Products Affected
gitlab
- dynamic_application_security_testing_analyzer