Description
A privilege escalation issue was discovered in GitLab CE/EE 9.0 and later when trigger tokens are not rotated once ownership of them has changed.
Affected products
- gitlab / GitLab Community Edition and GitLab Enterprise EditionAffects GitLab CE/EE 9.0 and later – Affects GitLab CE/EE 9.0 and later
- gitlab / GitLab Community Edition and GitLab Enterprise EditionFixed in 12.1.2 in 12.0.4 and in 11.11.6 – Fixed in 12.1.2 in 12.0.4 and in 11.11.6