Information disclosure in Advanced Search component of GitLab EE starting from 8.4 results in exposure of search terms via Rails logs. This affects versions >=8.4 to <13.4.7, >=13.5 to <13.5.5, and >=13.6 to <13.6.2.

Related CVEs

CVE-2020-26416

Key Information

GHSA ID

GHSA-h9gg-fc6x-px6c

Published

May 24, 2022 5:36 PM

Last Modified

May 24, 2022 5:36 PM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: August 1, 2025 6:44 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.