First published: Fri Jan 05 2018(Updated: )
The groups API in GitLab 6.x and 7.x before 7.4.3 allows remote authenticated guest users to modify ownership of arbitrary groups by leveraging improper permission checks.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
GitLab GitLab | >=6.0.0<=6.9.2 | |
GitLab GitLab | >=7.0.0<7.4.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.