What the vulnerability does

01Description

A authentication bypass vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.10 in the Salesforce login integration that could be used by an attacker to create an account that bypassed domain restrictions and email verification requirements.

Key dates

02Disclosure timeline

December 18, 2019 CVE published
August 4, 2024 Record updated