Unrated severity · NVD Advisory · Published Jul 26, 2023 · Updated Nov 20, 2025
Insertion of Sensitive Information Into Sent Data in GitLab
CVE-2023-1401
Description
An issue has been discovered in the GitLab DAST scanner affecting all versions starting from 3.0.29 before 4.0.5, in which the DAST scanner leaks cross-site cookies on redirect during authorization.
Affected products
- Range: >=3.0.29 <4.0.5
References
- hackerone.com/reports/1889255 (mitre; technical-description, exploit, permissions-required)
- gitlab.com/gitlab-org/gitlab/-/issues/396533 (mitre; issue-tracking)