CVE-2020-10980

Severity CVSS v4.0:
Pending analysis
Type:
CWE-918 Server-Side Request Forgery (SSRF)
Publication date:
08/04/2020
Last modified:
09/04/2020

Description

GitLab EE/CE 8.0.rc1 to 12.9 is vulnerable to a blind SSRF in the FogBugz integration.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* 8.0.0 (including) 12.9 (including)
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* 8.0.0 (including) 12.9 (including)