Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-26413 PoC — GitLab 信息泄露漏洞

Source
https://github.com/Kento-Sec/GitLab-Graphql-CVE-2020-26413
Associated Vulnerability
Title:GitLab 信息泄露漏洞 (CVE-2020-26413)
Description:An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. Information disclosure via GraphQL results in user email being unexpectedly visible.
Description
GitLab-Graphql-CVE-2020-26413 POC
Readme
# GitLab-Graphql-CVE-2020-26413
GitLab-Graphql-CVE-2020-26413 POC

单个验证:

python3 Gitlab_CVE-2020-26413.py -u http://127.0.0.1

批量验证

python3 Gitlab_CVE-2020-26413.py -f target.txt

会在脚本当前路径生成漏洞结果
File Snapshot

 [4.0K]  /data/pocs/428fd0494b88914f5156988578909b903f2fc76d
├── [3.4K]  Gitlab_CVE-2020-26413.py
└── [ 243]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →