User Email Verification Bypass
OAuth Flow Missing Email Verification Checks
Notification Email Verification Bypass
Undisclosed Vulnerability on a Third-Party Rendering Engine
Group Sign-Up Restriction Bypass
Mirror Project Owner Impersonation
Missing Permission Check on Fork Relation Creation
Cross-Site Scripting in Repository Files API
Kubernetes Cluster Token Disclosure
Object Storage File Enumeration
Insecure Authorization Check on Project Deploy Keys
Cross-Site Scripting on Metrics Dashboard
Denial of Service on Custom Dashboards
Client-Side Code Injection through Mermaid Markup
Cross-Site Scripting on Static Site Editor
Disclosure of Amazon EKS Credentials
Denial of Service on Workhorse