Original Post: [GitLab] Able to view hackerone reports attachments
This vulnerability was analyzed during Episode 151 on 19 September 2022
Fairly simple vulnerability where GitLab had an internal endpoint for their own tracking of H1 reports on h1.sec.gitlab.net. The researcher found one of these links and discovered the /a path, which dumped all attachment keys; those keys could be used to reconstruct the URLs to download the attachments.