CVE-2023-2013

MEDIUM Year: 2023
CVSS v3 Score
4.3
Medium
Weakness Type
CWE-1021
View all →

Vulnerability Description

An issue has been discovered in GitLab CE/EE affecting all versions starting from 1.2 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. An issue was found that allows someone to abuse a discrepancy between the Web application display and the git command line interface to social engineer victims into cloning non-trusted code.

Related Vulnerabilities

CVE-2013-2682

MEDIUM
CVSS:4.3(Medium)

Cisco Linksys E4200 1.0.05 Build 7 devices contain a Clickjacking Vulnerability which allows remote attackers to obtain sensitive information.

CWE-10212013

CVE-2013-5594

MEDIUM
CVSS:4.3(Medium)

Mozilla Firefox before 25 allows modification of anonymous content of pluginProblem.xml binding

CWE-10212013

CVE-2013-6772

MEDIUM
CVSS:4.3(Medium)

Splunk before 5.0.4 lacks X-Frame-Options which can allow Clickjacking

CWE-10212013

CVE-2017-5026

MEDIUM
CVSS:4.3(Medium)

Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to prevent alerts from being displayed by swapped out frames, which allowed a remote attacker to show alerts on a page they don't...

CWE-10212017

CVE-2018-12576

MEDIUM
CVSS:4.3(Medium)

TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow clickjacking.

CWE-10212018

CVE-2018-6178

MEDIUM
CVSS:4.3(Medium)

Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to Hide Chrome Security UI via a ...

CWE-10212018