By kannthu
The "GitLab - User Information Disclosure Via Open API" module is designed to detect a specific vulnerability in GitLab, a web-based DevOps lifecycle tool. This module focuses on identifying instances where user information can be exposed through the GitLab Open API. The severity of this vulnerability is classified as medium.
Author: Suman_Kar
If successfully exploited, this vulnerability could lead to the disclosure of sensitive user information, such as usernames, IDs, and names. This information could potentially be used for malicious purposes, including targeted attacks or identity theft.
The module works by sending a specific HTTP request to the target GitLab instance. The request is structured as follows:
GET /api/v4/users/{%uid%} HTTP/1.1
Host: {%Hostname%}
Accept: application/json, text/plain, */*
Referer:
The module then applies several matching conditions to determine if the vulnerability exists:
- The response body is checked for the presence of certain keywords related to user information.
- The response header is checked to ensure it contains the "application/json" content type.
- The HTTP status code is checked to ensure it is 200 (OK).

If all matching conditions are met, the module reports a vulnerability.
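The three matching conditions above, applied to recorded responses from your own GitLab instance, as an added example that is not the module's own code. The keyword set (`username`, `id`, `name`) is an assumption taken from the fields this page names, and the check on parsed JSON keys is stricter than a plain keyword search.

```python
import json

# Assumed keyword set: the page only says "keywords related to user information"
# and names usernames, IDs and names as the exposed fields.
USER_KEYS = ("username", "id", "name")

def parse_response(raw):
    """Split a raw HTTP/1.1 response into (status, headers, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    status = int(lines[0].split(" ", 2)[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers, body

def evaluate(raw):
    """Return each matching condition's result plus the overall verdict."""
    status, headers, body = parse_response(raw)
    try:
        doc = json.loads(body)
    except ValueError:
        doc = None  # HTML login page, empty body, etc.
    checks = {
        "status_200": status == 200,
        "json_content_type": "application/json" in headers.get("content-type", "").lower(),
        # Stricter than a substring match: keys must exist in a JSON object.
        "user_keywords": isinstance(doc, dict) and all(k in doc for k in USER_KEYS),
    }
    checks["exposed"] = all(checks.values())
    return checks

# Constructed sample responses (not captured from any real instance).
EXPOSED = ("HTTP/1.1 200 OK\r\nContent-Type: application/json\r\n\r\n"
           '{"id": 1, "username": "root", "name": "Administrator", "state": "active"}')
NOT_FOUND = ("HTTP/1.1 404 Not Found\r\nContent-Type: application/json\r\n\r\n"
             '{"message": "404 User Not Found"}')
LOGIN_PAGE = ("HTTP/1.1 200 OK\r\nContent-Type: text/html; charset=utf-8\r\n\r\n"
              "<html><title>Sign in - GitLab</title></html>")

if __name__ == "__main__":
    for label, raw in (("exposed", EXPOSED), ("not found", NOT_FOUND), ("login page", LOGIN_PAGE)):
        print(label, evaluate(raw))
```

Requiring all three conditions keeps a 404 JSON error or a 200 HTML sign-in redirect from being reported as a finding.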
Reference: https://gitlab.com/gitlab-org/gitlab-foss/-/issues/40158
Metadata: shodan-query: http.title:"GitLab"