Security Advisory

CVE-2021-22213

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-06-08 18:03:58
Last updated 2024-08-03 18:37:18
Assigner GitLab
State PUBLISHED

Description

A cross-site leak vulnerability in the OAuth flow of all versions of GitLab CE/EE since 7.10 allowed an attacker to leak an OAuth access token by getting the victim to visit a malicious page with Safari