Confidential Issue Disclosure Vulnerability in GitLab Versions Prior to 13.2.10, 13.3.7, and 13.4.2

Confidential Issue Disclosure Vulnerability in GitLab Versions Prior to 13.2.10, 13.3.7, and 13.4.2

CVE-2020-13346 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Membership changes are not reflected in ToDo subscriptions in GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, allowing guest users to access confidential issues through API.

Learn more about our Api Penetration Testing.