In GitLab before 13.0.12, 13.1.6, and 13.2.3, improper access control was used on the Applications page