Title:GitLab 信息泄露漏洞 (CVE-2020-26413) Description:GitLab是美国GitLab公司的一款使用Ruby on Rails开发的、自托管的、Git(版本控制系统)项目仓库应用程序。该程序可用于查阅项目的文件内容、提交历史、Bug列表等。Git是一套免费、开源的分布式版本控制系统。 GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2存在安全漏洞,该漏洞源于通过GraphQL公开信息会导致用户的电子邮件出人意料地可见。
1. It is advised to access via the original source first.2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.