cve/2019/CVE-2019-15725.md

### [CVE-2019-15725](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15725)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

An issue was discovered in GitLab Community and Enterprise Edition 12.0 through 12.2.1. An IDOR in the epic notes API that could result in disclosure of private milestones, labels, and other information.

### POC

#### Reference
- https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/
- https://gitlab.com/gitlab-org/gitlab-ee/issues/11431

#### Github
No PoCs found on GitHub currently.
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2019-15725](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15725)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`An issue was discovered in GitLab Community and Enterprise Edition 12.0 through 12.2.1. An IDOR in the epic notes API that could result in disclosure of private milestones, labels, and other information.`

			`### POC`

			`#### Reference`
			`- https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/`
			`- https://gitlab.com/gitlab-org/gitlab-ee/issues/11431`

			`#### Github`
			`No PoCs found on GitHub currently.`