CVEs-PoC/2023/CVE-2023-4002.md at efebdd4f2d72a3494ec92163e9e88e00a3646b8a

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-30 13:19:29 +02:00

Files

T

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

An issue has been discovered in GitLab EE affecting all versions starting from 14.1 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible for EE-licensed users to link any security policy project by its ID to projects or groups the user has access to, potentially revealing the security projects's configured security policies.

POC

Reference

No PoCs from references.

Github

https://github.com/monke443/CVE-2023-40028
https://github.com/monke443/CVE-2023-40028-Ghost-Arbitrary-File-Read

1.2 KiB Raw Blame History

CVE-2023-4002

Description

POC

Reference

Github

1.2 KiB

Raw Blame History