PT-2026-40576
Name of the Vulnerable Software and Affected Versions Gerrit versions 2.12 and later Description Incorrect authorization in the "submitted together" feature allows an authenticated attacker with force push permissions on a secondary branch to bypass code review. This is achieved by using a crafte...