Security Advisory

CVE-2021-22171

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-01-15 15:10:39
Last updated 2024-08-03 18:37:18
Assigner GitLab
State PUBLISHED

Description

Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ allows an attacker to steal a victims API token if they click on a maliciously crafted link