GitLab CE/EE, versions 10.1 up to 11.x prior to 11.3.11, 11.4 prior to 11.4.8, and 11.5 prior to 11.5.1, are vulnerable to an insecure direct object reference issue that allows a user to make comments on a locked issue.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gitlab gitlab |