Critical GitLab Bug Lets Attackers Run Pipelines as Other Users

The vulnerability impacts all GitLab CE/EE versions from 15.8 to 16.11.6, 17.0 to 17.0.4, and 17.1 to 17.1.2. Under certain circumstances that GitLab has yet to disclose, attackers can exploit it to trigger a new pipeline as an arbitrary user.

This article has been indexed from Cyware News – Latest Cyber News

Read the original article: