SQL Injection Vulnerability in GitLab MilestoneFinder Component

SQL Injection Vulnerability in GitLab MilestoneFinder Component

CVE-2017-0914 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Gitlab Community and Enterprise Editions version 10.1, 10.2, and 10.2.4 are vulnerable to a SQL injection in the MilestoneFinder component resulting in disclosure of all data in a GitLab instance's database.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.