Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ allows an attacker to steal a victim’s API token if they click on a maliciously crafted linkRead More