CVE-2018-19496
CVE-2018-19496 affects GitLab Community and Enterprise Edition 10.x and 11.x (before 11.3.11, before 11.4.8, and before 11.5.1). The issue is an incorrect access control that allows a user with insufficient privileges to promote a project milestone to a group milestone. Publicly referenced adviso...