CVE Database · CVE-2023-0326
CVSS v3.1
5.0
EPSS
0.80%
Published
Mar 27, 2023
Modified
Nov 21, 2024
Public PoC / Exploit (1)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
An issue has been discovered in GitLab DAST API scanner affecting all versions starting from 1.6.50 before 2.11.0, where Authorization headers was leaked in vulnerability report evidence.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:NAffected Products (1)
References (6)