Improper authorization in GitLab 12.8+ allows a guest user in a private project to view tag data that should be inaccessible on the releases pageCreditsThanks [@izzsec](https://hackerone.com/izzsec?type=user) for reporting this vulnerability through our HackerOne bug bounty programReferenceshttps://gitlab.com/gitlab-org/gitlab/-/issues/212911https://hackerone.com/reports/833334https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22172.json
