CVE-2022-3572 : A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions from 13.5 prior to 15.3.5, 15.4

A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions from 13.5 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. It was possible to exploit a vulnerability in setting the Jira Connect integration which could lead to a reflected XSS that allowed attackers to perform arbitrary actions on behalf of victims.

Published 2023-01-26 21:15:55

Updated 2023-02-01 17:17:50

Source GitLab Inc.

View at NVD, CVE.org

Vulnerability category: Cross site scripting (XSS)

Exploit prediction scoring system (EPSS) score for CVE-2022-3572

Probability of exploitation activity in the next 30 days: 0.12%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 45 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2022-3572

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
9.3	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N	2.8	5.8	GitLab Inc.
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Changed Confidentiality: High Integrity: High Availability: None
6.1	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	2.8	2.7	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Changed Confidentiality: Low Integrity: Low Availability: None

CWE ids for CVE-2022-3572

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2022-3572

https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3572.json

2022/CVE-2022-3572.json · master · GitLab.org / cves · GitLab
Vendor Advisory
https://hackerone.com/reports/1727985

HackerOne
Permissions Required;Third Party Advisory
https://gitlab.com/gitlab-org/gitlab/-/issues/378214

Cross-site scripting in Jira Integration affecting self-hosted instances without strict CSP (#378214) · Issues · GitLab.org / GitLab · GitLab
Exploit;Vendor Advisory

Products affected by CVE-2022-3572

Gitlab » Gitlab » Community Edition
Versions from including (>=) 13.5.0 and before (<) 15.4.6
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
Matching versions
Gitlab » Gitlab » Enterprise Edition
Versions from including (>=) 13.5.0 and before (<) 15.4.6
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
Matching versions
Gitlab » Gitlab » Community Edition
Versions from including (>=) 15.5.0 and before (<) 15.5.5
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
Matching versions
Gitlab » Gitlab » Enterprise Edition
Versions from including (>=) 15.5.0 and before (<) 15.5.5
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
Matching versions
Gitlab » Gitlab » Version: 15.6.0 Community Edition
cpe:2.3:a:gitlab:gitlab:15.6.0:*:*:*:community:*:*:*
Matching versions
Gitlab » Gitlab » Version: 15.6.0 Enterprise Edition
cpe:2.3:a:gitlab:gitlab:15.6.0:*:*:*:enterprise:*:*:*
Matching versions

Vulnerability Details : CVE-2022-3572

Exploit prediction scoring system (EPSS) score for CVE-2022-3572

CVSS scores for CVE-2022-3572

CWE ids for CVE-2022-3572

References for CVE-2022-3572

Products affected by CVE-2022-3572