CVE-2022-2307
Description
A lack of cascading deletes in GitLab CE/EE affecting all versions starting from 13.0 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1 allows a malicious Group Owner to retain a usable Group Access Token even after the Group is deleted, though the APIs usable by that token are limited.
Related CPE's
References
Vendor Advisory
Broken LinkVendor Advisory
CvssV3 impact
Could not find any metrics
CvssV2 impact
Could not find any metrics