SQL Injection Vulnerability in GitLab MilestoneFinder Component
CVE-2017-0914 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
Gitlab Community and Enterprise Editions version 10.1, 10.2, and 10.2.4 are vulnerable to a SQL injection in the MilestoneFinder component resulting in disclosure of all data in a GitLab instance's database.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.