Unrated severityNVD Advisory· Published Jan 15, 2021· Updated Aug 3, 2024
CVE-2021-22171
CVE-2021-22171
Description
Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ allows an attacker to steal a victim's API token if they click on a maliciously crafted link
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Range: >=11.5
>=11.5+ 1 more
- (no CPE)range: >=11.5
- (no CPE)range: >=11.5.0, <13.5.6
Patches
Vulnerability mechanics
References
3- gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22171.jsonmitrex_refsource_CONFIRM
- gitlab.com/gitlab-org/gitlab-pages/-/issues/262mitrex_refsource_MISC
- hackerone.com/reports/718460mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.