High-severity GitLab flaw lets attackers take over accounts By Sergiu Gatlan May 23, 2024 01:43 PM 0 GitLab patched a high-severity vulnerability that unauthenticated attackers could exploit to take over user accounts in cross-site scripting (XSS) attacks. The security flaw (tracked as CVE-2024-4835) is an XSS weakness in the VS code editor (Web IDE) that lets threat actors steal restricted information using maliciously crafted pages. While they can exploit this vulnerability in attack...