cve-2020-10977 icon indicating copy to clipboard operation
cve-2020-10977 copied to clipboard

Published 20 hours ago verified publisher icon thewhiteh4t

UnboundLocalError: local variable 'csrf_token' referenced before assignment

Open dacade opened this issue 4 years ago • 7 comments

image

dacade avatar Nov 25 '20 16:11 dacade

GitLab Community Edition 10.7.3

dacade avatar Nov 25 '20 16:11 dacade

@dacade i have not tested this on 10.7.3 yet, I will test soon

thewhiteh4t avatar Nov 25 '20 18:11 thewhiteh4t

this is weird, I tested it on 10.7.3 and 11.7.4 and its not working on both even manually

thewhiteh4t avatar Jan 07 '21 17:01 thewhiteh4t

thanks for you test,maybe it does not the vuln.

dacade avatar Jan 08 '21 02:01 dacade

same issue with 12.8.1

mksbcisco avatar Feb 23 '21 14:02 mksbcisco

i found a way to work around the issue... define csrf_token as global variable in function login and create_issue

but after this is solved I got a new issue will raise a separate ticket for the same

mksbcisco avatar Feb 23 '21 14:02 mksbcisco

okay i will test on 12.8.1 too @mksbcisco thanks!

thewhiteh4t avatar Feb 23 '21 17:02 thewhiteh4t