High severity8.0NVD Advisory· Published Jun 19, 2020· Updated Jun 17, 2026
CVE-2020-13275
CVE-2020-13275
Description
A user with an unverified email address could request an access to domain restricted groups in GitLab EE 12.2 and later through 13.0.1
Affected products
4- Range: >=12.2 <=13.0.1
>=12.2 <=13.0.1+ 1 more
- (no CPE)range: >=12.2 <=13.0.1
- (no CPE)range: >=12.2, <12.9.8
Patches
Vulnerability mechanics
References
3- gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13275.jsonnvdVendor Advisory
- gitlab.com/gitlab-org/gitlab/-/issues/209254nvdBroken Link
- hackerone.com/reports/806255nvdPermissions Required
News mentions
0No linked articles in our index yet.