mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 11:06:19 +00:00
746 B
746 B
CVE-2020-13346
Description
Membership changes are not reflected in ToDo subscriptions in GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, allowing guest users to access confidential issues through API.
POC
Reference
- https://gitlab.com/gitlab-org/gitlab/-/issues/219496
- https://gitlab.com/gitlab-org/gitlab/-/issues/219496
Github
No PoCs found on GitHub currently.