Researchers have disclosed details of a new security vulnerability in GitLab, an open-source DevOps software. The medium-severity flaw affects all versions of GitLab Community Edition and Enterprise Edition starting from 13.0 and all versions starting from 14.4 and prior to 14.8. A remote, unauthenticated attacker can use this vulnerability to collect registered GitLab usernames, names, and email addresses. The vulnerability is the result of a missing authentication check when executing certain GitLab GraphQL API queries.”]
Source: https://thehackernews.com/2022/03/new-security-vulnerability-affects.html