Unauthorized Access to Commit Titles and Team Member Comments

Unauthorized Access to Commit Titles and Team Member Comments

CVE-2019-15734 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

An issue was discovered in GitLab Community and Enterprise Edition 8.6 through 12.2.1. Under very specific conditions, commit titles and team member comments could become viewable to users who did not have permission to access these.

Learn more about our User Device Pen Test.