5.2 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
47.4%
An improper access control vulnerability exists in Gitlab EE <v12.3.3, <v12.2.7, & <v12.1.13 that allowed the group search feature with Elasticsearch to return private code, merge requests and commits.
hackerone.com/reports/692252