Gitlab user disclosure
Description
By using the graphql endpoint, it was possible to get list of all the Gitlab users. Therefore, this information can be used to conduct further attacks.
Remediation
Limit information exposed to anonymous users
Looking for the vulnerability index of Invicti's legacy products?