Server Side Request Forgery (SSRF) vulnerability in GitLab before 13.0.12, 13.1.6, 13.2.3 allows modification of user-controlled git configuration settings.

Server Side Request Forgery (SSRF) vulnerability in GitLab before 13.0.12, 13.1.6, 13.2.3 allows modification of user-controlled git configuration settings.

CVE-2020-13286 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

For GitLab before 13.0.12, 13.1.6, 13.2.3 user controlled git configuration settings can be modified to result in Server Side Request Forgery.

Learn more about our Cis Benchmark Audit For Server Software.