CVE-2020-13272

OAuth flow missing verification checks CE/EE 12.3 and later through 13.0.1 allows unverified user to use OAuth authorization code flow
Configurations

Configuration 1

cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:13.0.0:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:13.0.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*

Information

Published : 2020-06-19 10:15

Updated : 2021-07-21 11:39


NVD link : CVE-2020-13272

Mitre link : CVE-2020-13272

Products Affected
No products.
CWE