An issue was discovered in GitLab Community and Enterprise Edition 8.x (starting in 8.9), 9.x, 10.x, and 11.x before 11.5.9, 11.6.x before 11.6.7, and 11.7.x before 11.7.2. It has Incorrect Access Control. Guest users are able to add reaction emojis on comments to which they have no visibility.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-09-09T20:02:30
Updated: 2024-08-04T20:38:33.523Z
Reserved: 2019-01-29T00:00:00
Link: CVE-2019-7176
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-09-09T21:15:12.310
Modified: 2020-08-24T17:37:01.140
Link: CVE-2019-7176
Redhat
No data.