GitLab API Vulnerability Exposed Confidential Information


Earlier this week GitLab announced the release of security updates aimed at fixing various flaws found in previous iterations. One issue was an insecure direct object reference that exposed confidential issues within all public projects, via the Events API. Vulnerable information includes confidential issues, private notes, and private merge requests.





Source link

Leave a Reply

Your email address will not be published. Required fields are marked *