CVE-2013-4580 Information

Description

GitLab before 5.4.2 Community Edition before 6.2.4 and Enterprise Edition before 6.2.1 when using a MySQL backend allows remote attackers to impersonate arbitrary users and bypass authentication via unspecified API calls.

Reference

http://www.openwall.com/lists/oss-security/2013/11/15/4 https://www.gitlab.com/2013/11/14/multiple-critical-vulnerabilities-in-gitlab/