CVE-2019-18448

Medium

6.5/10

Summary

An issue was discovered in GitLab Community and Enterprise Edition before 12.4. It has Incorrect Access Control.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: HIGH
Availability Impact: NONE

References

Advisory Timeline

Published Nov 26, 2019