GitLab CE/EE Salesforce Login Integration Authentication Bypass Vulnerability

CVE-2019-5486 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

An authentication bypass vulnerability exists in the Salesforce login integration of GitLab CE/EE versions before 12.3.2, 12.2.6, and 12.1.10. An attacker could use it to create an account that bypasses domain restrictions and email verification requirements.