In all versions of GitLab EE starting from 13.10 prior to 14.1.7, all versions starting from 14.2 prior to 14.2.5, and all versions starting from 14.3 prior to 14.3.1 a specific API endpoint may reveal details about a private group and other sensitive info inside issue and merge request templates.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gitlab gitlab |
||
gitlab gitlab 14.3.0 |