CVE-2023-7045

A CSRF vulnerability exists within GitLab CE/EE from versions 13.11 before 16.10.6, from 16.11 before 16.11.3, from 17.0 before 17.0.1. By leveraging this vulnerability, an attacker could exfiltrate anti-CSRF tokens via the Kubernetes Agent Server (KAS).
Configurations

No configuration.

History

No history.

Information

Published : 2024-05-23 11:15

Updated : 2024-05-24 01:15


NVD link : CVE-2023-7045

Mitre link : CVE-2023-7045

CVE.ORG link : CVE-2023-7045


JSON object : View

Products Affected

No product.

CWE
CWE-352

Cross-Site Request Forgery (CSRF)