CVE-2019-18451 (NVD)

2019-11-26

An issue was discovered in GitLab Community and Enterprise Edition 10.7.4 through 12.4 in the InternalRedirect filtering feature. It has an Open Redirect.

Products: GitLab
Type: URL Redirection to Untrusted Site ('Open Redirect') (CWE-601)
First patch: None (likely due to unavailable code)
Links:
https://about.gitlab.com/blog/categories/releases/
https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released/