GitLab is prone to an security vulnerability.
Attackers can exploit this issue to make comments on a locked issue. This may aid in further attacks.
Information
Gitlab GitLab Enterprise Edition 11.4
Gitlab GitLab Enterprise Edition 11.3
Gitlab GitLab Enterprise Edition 10.1
Gitlab GitLab Community Edition 11.5
Gitlab GitLab Community Edition 11.4
Gitlab GitLab Community Edition 11.3
Gitlab GitLab Community Edition 10.1
Gitlab GitLab Enterprise Edition 11.4.8
Gitlab GitLab Enterprise Edition 11.3.11
Gitlab GitLab Community Edition 11.5.1
Gitlab GitLab Community Edition 11.4.8
Gitlab GitLab Community Edition 11.3.11
Exploit
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
References: