An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9. A specially crafted import file could read files on the server.
Credits
Thanks [saltyyolk](https://hackerone.com/saltyyolk) for reporting this vulnerability through our HackerOne bug bounty program
