Launchpad.net

CVE 2020-13313

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. An unauthorized project maintainer could edit the subgroup badges due to the lack of authorization control.

See the CVE page on Mitre.org for more details.