Account Deletion Vulnerability in GitLab >=7.12: Improper Group Membership Validation

Account Deletion Vulnerability in GitLab >=7.12: Improper Group Membership Validation

CVE-2020-13335 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Improper group membership validation when deleting a user account in GitLab >=7.12 allows a user to delete own account without deleting/transferring their group.

Learn more about our User Device Pen Test.