8 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
60.7%
GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an unverified password change issue in the PasswordsController component resulting in potential account takeover if a victim’s session is compromised.
about.gitlab.com/2018/05/29/security-release-gitlab-10-dot-8-dot-2-released/