CVE-2021-22256

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 12.6 and later

Description The issue is related to improper authorization, allowing guest users to create issues for Sentry errors and track their status. This could potentially enable a remote attacker to access confidential data and compromise its integrity.

Recommendations For GitLab CE/EE versions 12.6 and later, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting guest user access to creating issues for Sentry errors until a patch is available.