[GitLab] Able to view hackerone report attachments (12000 USD)

We discussed this vulnerability as part of our weekly podcast on 20 September 2022

A fairly simple vulnerability: GitLab ran an internal endpoint on h1.sec.gitlab.net for their own tracking of HackerOne (H1) reports. The researcher found one of these links and discovered the /a path, which dumped all attachment keys; those keys could then be used to reconstruct the URLs for downloading the report attachments. Exposure of confidential report attachments on an endpoint that was supposed to be internal is what earned the 12,000 USD bounty.