Iframe

**Name of the Vulnerable Software and Affected Versions** GitLab Community Edition (CE) and Enterprise Edition (EE) versions 5.1 through 12.6.1 **Description** An issue was discovered with Incorrect Access Control. **Recommendations** For versions 5.1 through 12.6.1, update to a version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** GitLab Community and Enterprise Edition versions prior to 12.2.2 **Description** An issue allows embedded images and media files in markdown to be pointed to an arbitrary server. This could reveal the IP address of clients requesting the file from that server. **Recommendations** For GitLab Community and Enterprise Edition versions prior to 12.2.2, update to version 12.2.2 or later to resolve the issue.