GitLab CE/EE Salesforce Login Integration Authentication Bypass Vulnerability
CVE-2019-5486 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
A authentication bypass vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.10 in the Salesforce login integration that could be used by an attacker to create an account that bypassed domain restrictions and email verification requirements.
Learn more about our Web Application Penetration Testing UK.