CVSS 3.1 Score 5.4 of 10 (medium)


Published Aug 2, 2023
Updated: Aug 4, 2023


CVE-2023-2164 is a vulnerability discovered in GitLab, affecting all versions from 15.9 before 16.0.8, all versions from 16.1 before 16.1.3, and all versions from 16.2 before 16.2.2. The vulnerability allows an attacker to exploit a stored cross-site scripting (XSS) issue through user interaction with a manipulated URL in the WebIDE beta feature. This vulnerability has a base severity rating of MEDIUM with a base score of 5.4 according to [email protected], indicating the potential danger it poses to organizations. To remediate this vulnerability, users should update their GitLab installations to version 16.0.8, 16.1.3, or 16.2.2 or later to mitigate the risk of exploitation and enhance security measures in their organization's GitLab environment. Note: The report does not mention the potential danger posed by the vulnerability beyond what is provided in the source text, as it does not provide any additional information regarding specific risks or impacts associated with this particular vulnerability beyond its severity rating and score according to [email protected].


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-2164 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options