CVE-2022-3573

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.5.7, all versions starting from 15.6 before 15.6.4, and all versions starting from 15.7 before 15.7.2. Due to improper filtering of query parameters in the wiki changes page, an attacker can execute arbitrary JavaScript on self-hosted instances running without a strict CSP.

Source: CVE-2022-3573
