CVE-2018-19576
GitLab CE/EE versions 8.6–11.x are vulnerable to an access-control issue that allows a Guest to change or delete their own comments on an issue after it is marked Confidential. Root cause: improper enforcement of access to issue comments. Affected ranges: 11.3.11+ fixes for 11.3.x line, 11.4.8+ f...