Vulnerabilities > Gitlab > Gitlab > 12.7.4

DATE CVE VULNERABILITY TITLE RISK
2020-03-13 CVE-2020-10079 Missing Authentication for Critical Function vulnerability in Gitlab
GitLab 7.10 through 12.8.1 has Incorrect Access Control.
network
low complexity
gitlab CWE-306
5.0
5.0
2020-03-13 CVE-2020-10078 Cross-site Scripting vulnerability in Gitlab
GitLab 12.1 through 12.8.1 allows XSS.
network
gitlab CWE-79
4.3
4.3
2020-02-17 CVE-2020-8795 Missing Authorization vulnerability in Gitlab
In GitLab Enterprise Edition (EE) 12.5.0 through 12.7.5, sharing a group with a group could grant project access to unauthorized users.
network
low complexity
gitlab CWE-862
5.0
5.0