CVE-2019-15581

Published: 2020-01-28T03:15Z

Last Modified: 2024-11-21T04:29Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

An IDOR exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) that allowed a project owner or maintainer to see the members of any private group via merge request approval rules. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt