IDOR Vulnerability in GitLab Epic Notes API: Disclosure of Private Milestones, Labels, and Other Information
CVE-2019-15725 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
An issue was discovered in GitLab Community and Enterprise Edition 12.0 through 12.2.1. An IDOR in the epic notes API that could result in disclosure of private milestones, labels, and other information.
Learn more about our Api Penetration Testing.