The version of GitLab installed on the remote host is affected by a vulnerability, as follows: In all versions of GitLab EE since version 14.1, due to an insecure direct object reference vulnerability, an endpoint may reveal the protected branch name to a malicious user who makes a crafted API call with the ID of the protected branch. (CVE-2021-39889) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version…Read More