VDB
CVE-2023-5600
CVE-2023-5600
PUBLISHED
An issue has been discovered in GitLab EE affecting all versions starting from 16.0 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. Arbitrary access to the titles of an private specific references could be leaked through the service-desk custom email template.
EPSS 0.05% · 17.6th percentile
Risk Scores
EPSS Score
0.05%
17.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | gitlab | 16.0.0, 16.5.0, 16.4.0 |
| Bitnami | gitlab | 16.0.0, 16.4.0, 16.5.0 |
Exploit Intelligence
- CIRCL seen: CVE-2023-5600 (circl-sighting)
- CIRCL published-proof-of-concept: CVE-2023-5600 (circl-sighting)
- https://gitlab.com/gitlab-org/gitlab/-/issues/428268 (nist-nvd)
- https://hackerone.com/reports/2209702 (osv)
Timeline
- Jan 21, 1970 Security Advisory
- Oct 31, 2023 CVE Published
- Jun 20, 2025 Coalition ESS Score
- Jun 20, 2025 PoC Published
- Jun 20, 2025 PoC Published
- Jun 21, 2025 EPSS Score
- Jun 23, 2025 Coalition ESS Score
- Jul 1, 2025 EPSS Score
- Jul 11, 2025 EPSS Score
- Jul 21, 2025 EPSS Score
- Jul 31, 2025 EPSS Score
- Aug 11, 2025 EPSS Score