CVE-2020-13313

Summary

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. An unauthorized project maintainer could edit the subgroup badges due to the lack of authorization control.

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab>=1.0, <13.1.10affected
GitLabGitLab>=13.2, <13.2.8affected
GitLabGitLab>=13.3, <13.3.4affected

Weaknesses

  • Improper authorization in GitLab

ADP Enrichment

CVE Program Container

Additional References

References