Guest users can create issues for Sentry errors in GitLab CE/EE versions since 12.6, leading to unauthorized access and tracking of issue status.
CVE-2021-22256 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Improper authorization in GitLab CE/EE affecting all versions since 12.6 allowed guest users to create issues for Sentry errors and track their status
Learn more about our User Device Pen Test.