CVE-2023-1648 Information

Description

An issue has been discovered in GitLab DAST API scanner affecting all versions starting from 1.6.50 before 2.11.0 where Authorization headers was leaked in vulnerability report evidence.

Reference

https://hackerone.com/reports/1826896 https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1648.json https://gitlab.com/gitlab-org/gitlab/-/issues/388132