GitLab: Exposure of a valid Gitlab-Workhorse JWT leading to various bad things
Summary Using the State Uploading API we could potentially do a bad thing: - Bypass Gitlab::Workhorse.verifyapirequest! This was due to the fact that Workhorse clean the URL before passing it to Rails, this is elaborated in 923027. and State Api read request.body to append it as a file!...