Security Advisory

CVE-2023-5356

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-01-12 13:56:51

Last updated 2026-04-28 04:05:15

Assigner GitLab

State PUBLISHED

Description

Incorrect authorization checks in GitLab CE/EE from all versions starting from 8.13 before 16.5.6, all versions starting from 16.6 before 16.6.4, all versions starting from 16.7 before 16.7.2, allows a user to abuse slack/mattermost integrations to execute slash commands as another user.

← Browse all CVEs View on cve.org ↗