Intrusion PreventionGitLab.CE.EE.Merge.Requests.XSS
Description
This indicates an attack attempt to exploit a Cross-Site Scripting Vulnerability in GitLab GitLab Community Edition (CE) and Enterprise Edition (EE).
The vulnerability is due to improper escaping of branch names when displaying the branch name in merge requests. A remote, authenticated attacker could exploit this vulnerability by sending crafted requests to the target server. Successful exploitation could result in remote code execution in the context of a target users browser.
Affected Products
GitLab GitLab Community Edition (CE) and Enterprise Edition (EE) from 15.11 prior to 15.11.7
GitLab GitLab Community Edition (CE) and Enterprise Edition (EE) from 16.0 prior to 16.0.2
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://about.gitlab.com/releases/2023/06/05/security-release-gitlab-16-0-2-released/#stored-xss-with-csp-bypass-in-merge-requests
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2024-06-10 | 28.803 | Name:GitLab. Community. and. Enterprise. Edition. Merge. Requests. XSS:GitLab. CE. EE. Merge. Requests. XSS |
| 2023-07-24 | 25.607 | Default_action:pass:drop |
| 2023-07-11 | 24.598 |
| ID | 53348 |
| Created | Jun 27, 2023 |
| Updated | Jun 06, 2024 |
| Risk |
|
| CVE ID | CVE-2023-2442 |
| Exploit Prediction Score | 0.29% |
| Default Action | drop |
| Active | |
| Affected OS | Linux |
| Affected App | Other |