CVE-2020-13300
GitLab before version 13.3.4 was vulnerable to an OAuth authorization scope change without user consent in the middle of the authorization flow.
Date published : 2020-09-14
https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13300.json