CVE-2023-0042

Description

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 prior to 15.5.7, 15.6 prior to 15.6.4, and 15.7 prior to 15.7.2. GitLab Pages allows redirection to arbitrary protocols.

CVSS Version 3.1

nvd
CVE ID: CVE-2023-0042
Base Score: 6.1
Base Severity: MEDIUM
Vector String:CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Impact Score: 2.7
Exploitability Score: 2.8

gitlab
CVE ID: CVE-2023-0042
Base Score: 6.1
Base Severity: MEDIUM
Vector String:CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
Impact Score: 4.0
Exploitability Score: 1.6

Refrence: NVD MITRE

Description​

Description