Wednesday, October 7, 2020
CVE-2020-13346
nist.gov
In: nist.gov
Membership changes are not reflected in ToDo subscriptions in GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, allowing guest users to access confidential issues through API. CVE-2020-13346