Guest users can create issues for Sentry errors in GitLab CE/EE versions since 12.6, leading to unauthorized access and tracking of issue status.

Guest users can create issues for Sentry errors in GitLab CE/EE versions since 12.6, leading to unauthorized access and tracking of issue status.

CVE-2021-22256 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Improper authorization in GitLab CE/EE affecting all versions since 12.6 allowed guest users to create issues for Sentry errors and track their status

Learn more about our User Device Pen Test.