0Xwintermute

**Name of the Vulnerable Software and Affected Versions** GitLab EE/CE versions 8.11 through 12.9 **Description** The issue is related to information leakage on Issues opened in a public project and then moved to a private project. This leakage occurs through both the Web-UI and the GraphQL API. **Recommendations** For GitLab EE/CE versions 8.11 through 12.9, consider restricting access to the GraphQL API and Web-UI for sensitive projects until a fix is available. As a temporary workaround, avoid using the Web-UI and GraphQL API for moving issues from public to private projects.