Exposure of Private Project's Confidential Issues' title and Namespace in Commit Message
HackerOne report #421305 by ngalog on 2018-10-09:
Summary: Private namespace and confidentials issue's title should be protected from unauthorised user, however it could be leaked by cross linking issues from commit messages.
##PoC
Visit https://gitlab.com/golduserngalog/securitything/commits/master
When you hover the cursor to newpathhereds/testproject#1 , you will see create some file please on the screen
The private name space newpathhereds/testproject#1 and title of the confidential issue create some file please is leaked.
Steps To Reproduce:
Create a commit, and in commit message paste a link of a confidential message inside a private project that you are authorised to view
Now visit the commit page like https://gitlab.com/:project_namespace/commits/master , now you will be able to see the title of the confidential issue and the private namespace of the project.
Impact
Exposure of Private Project's Confidential Issues' title and Namespace in Commit Message
Attachments
Warning: Attachments received through HackerOne, please exercise caution!