4 matches found
CVE-2020-10535
GitLab 12.8.x before 12.8.6, when sign-up is enabled, allows remote attackers to bypass email domain restrictions within the two-day grace period for an unconfirmed email address...
CVE-2020-10535
Removed by vendor...
CVE-2020-10535
GitLab 12.8.x before 12.8.6 allows remote attackers to bypass email domain restrictions within a two‑day grace period for an unconfirmed email address when sign‑up is enabled. This is a direct bypass of domain controls in the signup flow. No exploitation details are provided in the sources beyond...
CVE-2020-10535
GitLab 12.8.x before 12.8.6, when sign-up is enabled, allows remote attackers to bypass email domain restrictions within the two-day grace period for an unconfirmed email address. Recent assessments: ericalexanderorg at March 16, 2020 3:55pm UTC reported: Not enough details to fully assess ATM bu...