CVE-2023-1965

Summary

An issue has been discovered in GitLab EE affecting all versions starting from 14.2 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. Lack of verification on RelayState parameter allowed a maliciously crafted URL to obtain access tokens granted for 3rd party Group SAML SSO logins. This feature isn't enabled by default.

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab>=14.2, <15.9.6affected
GitLabGitLab>=15.10, <15.10.5affected
GitLabGitLab>=15.11, <15.11.1affected

Weaknesses

  • Cross-site request forgery (csrf) in GitLab

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

References