An improper authorization issue has been discovered in GitLab CE/EE affecting all versions prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0, allowing Guest project members to access trace log of jobs when it is enabled
Credits
Thanks [jimeno](https://hackerone.com/jimeno) for reporting this vulnerability through our HackerOne bug bounty program
