Authenticated User Privilege Escalation: Incident Metric Image Deletion Vulnerability in GitLab CE/EE (Versions 13.8 and above)

Authenticated User Privilege Escalation: Incident Metric Image Deletion Vulnerability in GitLab CE/EE (Versions 13.8 and above)

CVE-2021-22198 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

An issue has been discovered in GitLab CE/EE affecting all versions from 13.8 and above allowing an authenticated user to delete incident metric images of public projects.

Learn more about our User Device Pen Test.