Kugadziridza zvigadziriso kupuratifomu yekusimudzira yekudyidzana - GitLab 15.11.2, 15.10.6 uye 15.9.7 - zvakaburitswa zvinogadzirisa njodzi yakaoma (CVE-2023-2478) inobvumira chero mushandisi ane chokwadi kuti abatanidze mumhanyi wake ega kuburikidza nemano iyo GraphQL API (chikumbiro chekutanga mabasa paunenge uchivaka kodhi yeprojekiti mune inoenderera yekubatanidza sisitimu) kune chero chirongwa pane imwechete server. Mashoko ekushanda haasati apihwa. Kusagadzikana kwakaendeswa kuGitLab sechikamu cheHackerOne's vulnerability bounty chirongwa.
Source: opennet.ru