URL redirection to untrusted site vulnerability in GitLab CE/EE - CVE-2022-2250 (rpm)ID: oval:org.secpod.oval:def:84689 | Date: (C)2022-10-04 (M)2023-08-03 |
Class: VULNERABILITY | Family: unix |
The host is installed with GitLab CE/EE 11.1 before 14.10.5, 15.0 before 15.0.4 or 15.1 before 15.1.1 and is prone to a URL redirection to untrusted site vulnerability. A flaw is present in the application, which fails to properly handle issues in unspecified vectors. Successful exploitation could allows an attacker to redirect users to an arbitrary location if they trust the URL.
Product: |
gitlab-ce |
gitlab-ee |