Published: 08/06/2021 Updated: 12/07/2022

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

A cross-site leak vulnerability in the OAuth flow of all versions of GitLab CE/EE since 7.10 allowed an malicious user to leak an OAuth access token by getting the victim to visit a malicious page with Safari

Vulnerable Product	Search on Vulmon	Subscribe to Product
gitlab gitlab

A cross-site leak vulnerability in the OAuth flow of all versions of GitLab CE/EE since 710 allowed an attacker to leak an OAuth access token by getting the victim to visit a malicious page with Safari ...

Nmap script to guess* a GitLab version.

gitlab-version-nse Nmap script to guess* a GitLab version Usage git clone githubcom/righel/gitlab-version-nse cd gitlab-version-nse nmap <target> --script /gitlab_versionnse [--script-args="showcves", --script-args="subdir=/custom-subdir"] use --script-args="showcves" to get versio

NVD-CWE-Other https://hackerone.com/reports/1089277 https://gitlab.com/gitlab-org/gitlab/-/issues/300308 https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22213.json https://nvd.nist.gov https://github.com/righel/gitlab-version-nse https://security.archlinux.org/CVE-2021-22213

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-22213

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect