CVE-2022-3870

CVE-2022-3870

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.0 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. GitLab allows unauthenticated users to download user avatars using the victim’s user ID, on private instances that restrict public level visibility.

Source: CVE-2022-3870

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다