Vuln ID: CVE-2022-2497
Published: 2022-08-05 16:15:12Z
Description: An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. A malicious maintainer could exfiltrate an integration’s access token by modifying the integration URL such that authenticated requests are sent to an attacker controlled server.
Source: NVD.NIST.GOV