GitLab fixes critical flaw that lets users log in as admins
GitLab patched multiple privilege escalation flaws, cross-site scripting bugs, and information disclosure vulnerabilities in both the open source and commercial versions of its self-hosted system for managing Git repositories. The most critical is a serious authentication flaw that enabled users to log in as other users.
The critical vulnerability was in GitLab’s “impersonate” feature (CVE-2016-4340), which was introduced in GitLab 8.2 to let an administrator simulate being logged in as another user. However, the feature was not properly secured, so any authenticated user could log in as another user, even as administrators, GitLab said in its security advisory. The issue was discovered as part of an internal code review.
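As an added illustration (not GitLab's code and not taken from the advisory), the following Ruby sketch models the pattern behind this class of bug: an impersonation endpoint that checks only that the caller is signed in, next to one that also requires an administrator, validates the target and writes an audit record. The users, session layout and function names are constructed for the example.

```ruby
# Illustrative model of an "impersonate" action (hypothetical, not GitLab's code).
# The vulnerable version checks authentication only; the hardened version also
# checks authorization (admin required) and records who impersonated whom.
User = Struct.new(:id, :name, :admin, keyword_init: true)

class AuthorizationError < StandardError; end

# Sample users, constructed for this example.
USERS = {
  1 => User.new(id: 1, name: "root",  admin: true),
  2 => User.new(id: 2, name: "alice", admin: false),
  3 => User.new(id: 3, name: "bob",   admin: false),
}.freeze

# Vulnerable pattern: any signed-in user can switch the session to any
# other account, including an administrator's.
def impersonate_vulnerable(session, target_id)
  raise AuthorizationError, "not signed in" unless session[:user_id]
  session[:impersonator_id] = session[:user_id]
  session[:user_id] = target_id
  session
end

# Hardened pattern: the caller must be an admin, the target must exist,
# and the action is appended to an audit trail before the switch happens.
def impersonate_secure(session, target_id, audit_log)
  actor = USERS[session[:user_id]]
  raise AuthorizationError, "not signed in" unless actor
  raise AuthorizationError, "admin required" unless actor.admin
  target = USERS.fetch(target_id) { raise AuthorizationError, "no such user" }
  audit_log << "impersonation: #{actor.name}(#{actor.id}) -> #{target.name}(#{target.id})"
  session[:impersonator_id] = actor.id
  session[:user_id] = target.id
  session
end

# The account the application would treat as the current user.
def effective_user(session)
  USERS[session[:user_id]]
end
```

Running it shows that a non-admin session handed to the vulnerable action becomes an admin session, while the hardened action refuses the same request and leaves the audit log empty.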