Missing validation in DAST analyzer affecting all versions from 1.11.0 prior to 3.0.32, allows custom request headers to be sent with every request, regardless of the host.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Dynamic_application_security_testing_analyzer | Gitlab | 1.11.0 (including) | 3.0.32 (excluding) |