CVE-2023-6371

CVSS 3.1 Score 8.7 of 10 (high)

Details

Published Mar 28, 2024

CWE ID 79

Summary

CVE-2023-6371 is a stored XSS vulnerability affecting GitLab CE and EE versions prior to 16.8.5, 16.9.3, and 16.10.1. An attacker can exploit this issue by creating a malicious wiki page. Once a user visits the page, the attacker can execute arbitrary actions on their behalf. This vulnerability poses a significant risk as it allows unauthorized access and potential data theft, making it crucial for users to upgrade to the latest versions of GitLab to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tme8aG
https://www.cve.org/CVERecord?id=CVE-2023-6371
https://nvd.nist.gov/vuln/detail/CVE-2023-6371

Back to Vulnerability Database

CVE-2023-6371

CVSS 3.1 Score 8.7 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations