GitLab 14.9 Authentication Bypass

Discussion in 'News Aggregator' started by Packet Storm, 26 Apr 2022.

  1. Packet Storm

    Packet Storm Guest

    GitLab versions 14.9 prior to 14.9.2, 14.8 prior to 14.8.5, and 14.7 prior to 14.7.7 suffer from a bypass vulnerability due to having set a hardcoded password for accounts registered using an OmniAuth provider.
