High-severity GitLab flaw lets attackers take over accounts

May 23, 2024 at 01:50PM GitLab addressed a high-severity XSS vulnerability allowing unauthenticated attackers to compromise user accounts. Additionally, six medium-severity flaws were fixed, including a CSRF issue and a denial-of-service bug. These vulnerabilities allowed for account takeovers and disruption of services. GitLab urged immediate software updates due to potential impacts on sensitive data and … Read more