Jira Integration Configuration Vulnerability in GitLab CE/EE: Remote Code Execution via JavaScript Injection

Jira Integration Configuration Vulnerability in GitLab CE/EE: Remote Code Execution via JavaScript Injection

CVE-2023-6033 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Improper neutralization of input in Jira integration configuration in GitLab CE/EE, affecting all versions from 15.10 prior to 16.6.1, 16.5 prior to 16.5.3, and 16.4 prior to 16.4.3 allows attacker to execute javascript in victim's browser.

Learn more about our Web Application Penetration Testing UK.