Internal GitLab Ticket Disclosure via External Slack Channels
Team Summary
Official summary from HackerOne
@none_of_the_above was able to enumerate GitLab ticket titles and descriptions by posting links in a shared Slack channel. As part of HackerOne's investigation, it was determined that the misconfiguration could also be used to obtain the contents of exceptions from HackerOne's production environment that were captured in Sentry. Limited access to information in these two systems led to the conclusion that this was a high severity vulnerability. No confidential information or customer information was accessed by @none_of_the_above in their proof of concept of the vulnerability. We'd like to thank @none_of_the_above for their efforts and diligence in disclosing this vulnerability to us.
Report Details
Additional information and metadata
State: Closed
Substate: Resolved
Submitted
Weakness: Information Disclosure