Launchpad.net

CVE 2019-19260

GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 has Incorrect Access Control (issue 2 of 2).

See the CVE page on Mitre.org for more details.