BIT-gitlab-2020-13313

BIT-gitlab-2020-13313 PUBLISHED CVSS 4.300000190734863 MEDIUM

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. An unauthorized project maintainer could edit the subgroup badges due to the lack of authorization control.

Risk Scores

CVSS 3.1

4.300000190734863

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Affected Products

Vendor	Product	Versions
Bitnami	gitlab	1.0.0, 13.2.0, 13.3.0

Exploit Intelligence

https://hackerone.com/reports/751264 (osv)

Timeline

Mar 6, 2024 CVE Published
Apr 3, 2025 CVE Updated

References

https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13313.json url
https://gitlab.com/gitlab-org/gitlab/-/issues/118536 url
https://hackerone.com/reports/751264 url
https://nvd.nist.gov/vuln/detail/CVE-2020-13313 url

Open in Interactive Console →