Authorization Bypass Vulnerability in GitLab Enterprise Edition 10.3 Allows Information Disclosure on Board Objects

Authorization Bypass Vulnerability in GitLab Enterprise Edition 10.3 Allows Information Disclosure on Board Objects

CVE-2017-0922 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Gitlab Enterprise Edition version 10.3 is vulnerable to an authorization bypass issue in the GitLab Projects::BoardsController component resulting in an information disclosure on any board object.

Learn more about our Web Application Penetration Testing UK.