Private exploit CVE-2024-5655 to Gitlab (Private repositories disclosure)# CVE-2024-5655-Gitlab-CSRF-GraphQL
Private exploit CVE-2024-5655 to Gitlab (Private repositories disclosure)
> The repository provides a working variant of the CVE-2024-5655 vulnerability exploit with support for real-time active shell, multithreading, entering targets from a file, and color output.
## 🔥 **CVSS: 9.6/10**
## Description
CVE-2024-5655 is a critical vulnerability in GitLab that allows attackers to execute CI/CD pipelines as any user, under specific conditions. This issue affects various versions of GitLab and has been addressed in the latest updates.
## Exploit details
The vulnerability enables unauthorized execution of CI/CD pipelines, potentially leading to remote code execution and other malicious activities.
## Running instructions
To run the exploit, use the following command:
```bash
python3 cve-2024-5655.py -t https://gitlab-private-repo -c 'cat README.md'
```
Before running the exploit, please refer to the README.txt file in the repository for detailed instructions.
## Vulnerable versions:
Various versions of GitLab before the latest security patch.
## Download
[Download here](https://t.ly/chSw3) (securely!)
## Date of published: 03.07.2024
## Contact
vulnresearcher@exploit.in
[4.0K] /data/pocs/7fcc0f760f65db4b5c0e2002b1d7a39ddf92d60c
├── [1.0K] LICENSE
└── [1.2K] README.md
0 directories, 2 files