Critical GitLab Bug Lets Attackers Run Pipelines as Other Users
The vulnerability impacts all GitLab CE/EE versions from 15.8 to 16.11.6, 17.0 to 17.0.4, and 17.1 to 17.1.2. Under certain circumstances that GitLab has yet to disclose, attackers can exploit it to trigger a new pipeline as an arbitrary user.
Cyware News – Latest Cyber News – Read More