CVE-2014-8540
The CVE covers GitLab’s groups API in versions 6.x and 7.x up to 7.4.3, where remote authenticated guest users could modify ownership of arbitrary groups due to improper permission checks. Impact is ownership modification without authorization; CVSS vectors indicate low attack complexity with par...