IDOR Vulnerability in GitLab Epic Notes API: Disclosure of Private Milestones, Labels, and Other Information

IDOR Vulnerability in GitLab Epic Notes API: Disclosure of Private Milestones, Labels, and Other Information

CVE-2019-15725 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

An issue was discovered in GitLab Community and Enterprise Edition 12.0 through 12.2.1. An IDOR in the epic notes API that could result in disclosure of private milestones, labels, and other information.

Learn more about our Api Penetration Testing.