Impact

• GitLab login allows login by any user.
• JWT auth token can be derived as long as the server isn't rebooted.
• Developers can assign issues to non-admin/DBA users.