GitLab DAST Scanner Authorization Cookie Leakage Vulnerability

GitLab DAST Scanner Authorization Cookie Leakage Vulnerability

CVE-2023-1401 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

An issue has been discovered in GitLab DAST scanner affecting all versions starting from 3.0.29 before 4.0.5, in which the DAST scanner leak cross site cookies on redirect during authorization.

Learn more about our Web Application Penetration Testing UK.