Headline
CVE-2019-5461: HackerOne
An input validation problem was discovered in the GitHub service integration which could result in an attacker being able to make arbitrary POST requests in a GitLab instance’s internal network. This vulnerability was addressed in 12.1.2, 12.0.4, and 11.11.6.
Related news
Misconfigured Apache Airflow Platforms Threaten Organizations
Security researchers found thousands of credentials for popular cloud-hosted services exposed on insecure instances of the popular workflow management technology.