A vulnerability marked as problematic has been reported in GitLab up to 18.11.6/19.0.3/19.1.1. Affected is an unknown function of the component Cross-project Reference Pages. This manipulation causes improper authorization.
This vulnerability is handled as CVE-2026-7492. The attack can be initiated remotely. There is not any exploit available.