CVE-2024-4597

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-4597
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-4597.json
Published
2024-05-14T15:44:10Z
Modified
2024-05-15T20:12:02Z
Summary
[none]
Details

An issue has been discovered in GitLab EE affecting all versions starting from 16.7 before 16.9.7, all versions starting from 16.10 before 16.10.5, and all versions starting from 16.11 before 16.11.2. An attacker could use CSRF to force a user with an active SAML session to approve a merge request (MR).

References

Affected packages

Git / gitlab.com/gitlab-org/gitlab

Affected ranges

Type
GIT
Repo
https://gitlab.com/gitlab-org/gitlab
Events