关键字【GitLab】的搜索结果共65记录

公开时间 奖金 作者 标题 厂商 漏洞类型
2018-12-03 $ 8ayac Stored XSS in merge request pages GitLab Cross-site Scripting (XSS) - Stored
2018-12-03 $ 8ayac Unauthorized users may be able to view almost all informations related to Private projects. GitLab Information Disclosure
2018-10-30 $ 8ayac Stored XSS on Issue details page GitLab Cross-site Scripting (XSS) - Stored
2018-09-20 $ phillycheeze Persistent XSS - Deleting a project (No Longer Vulnerable in 10.7) GitLab Cross-site Scripting (XSS) - Stored
2018-08-22 $ nyangawa Vulnerability in project import leads to arbitrary command execution GitLab Command Injection - Generic
2018-07-27 $ rootbakar28 HTML TAG INJECTION ON PROFILE NAME GitLab Cross-site Scripting (XSS) - Stored
2018-07-16 $ lahataleputih Potensial SSRF via Git repository URL GitLab Server-Side Request Forgery (SSRF)
2018-07-16 $ phillycheeze Persistent XSS - Selecting users as allowed merge request approvers GitLab Cross-site Scripting (XSS) - Stored
2018-07-16 $ phillycheeze XSS (Persistent) - Selecting role(s) for protected branches GitLab Cross-site Scripting (XSS) - Stored
2018-05-29 $ strukt SSRF when importing a project from a git repo by URL GitLab Information Disclosure
2018-05-24 $750.0 jobert GitHub import allows user to create child group under existing namespace GitLab Improper Access Control - Generic
2018-04-30 $ wuqidashi SSRF vulnerability in gitlab.com webhook GitLab Server-Side Request Forgery (SSRF)
2018-04-27 $2000.0 jobert GitLab CI runner can read and poison cache of all other projects GitLab Path Traversal
2018-04-27 $750.0 jobert Evaluating Ruby code by injecting Rescue job on the system_hook_push queue through web hook GitLab Server-Side Request Forgery (SSRF)
2018-04-27 $2000.0 jobert Command injection by overwriting authorized_keys file through GitLab import GitLab Command Injection - Generic