IDOR Vulnerability in GitLab Allows Unauthorized File Replacement

CVE-2019-5469 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

An IDOR vulnerability exists in GitLab <v12.1.2, <v12.0.4, and <v11.11.6 that allowed uploading files from a project archive to replace other users' files, potentially allowing an attacker to replace project binaries or other uploaded assets.
