An Incorrect Access Control (issue 1 of 2) exists in GitLab Community and Enterprise Edition prior to 11.7.8, 11.8.x prior to 11.8.4, and 11.9.x prior to 11.9.2. It allowed non-members of a private project/group to add and read labels.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gitlab gitlab |