A Cross Site Request Forgery issue has been discovered in GitLab CE/EE affecting all versions before 15.6.7, all versions starting from 15.7 before 15.7.6, and all versions starting from 15.8 before 15.8.1. An attacker could take over a project if an Owner or Maintainer uploads a file to a malicious project.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: GitLab

Published: 2023-02-13T00:00:00

Updated: 2024-08-03T01:27:54.535Z

Reserved: 2022-11-24T00:00:00

Link: CVE-2022-4138

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2023-02-13T23:15:11.493

Modified: 2023-02-27T17:43:50.757

Link: CVE-2022-4138

cve-icon Redhat

No data.