authorLin Jen-Shin <godfat@godfat.org>2017-11-10 19:16:50 +0800
committerLin Jen-Shin <godfat@godfat.org>2017-11-10 19:16:50 +0800
commit7bacf9464ef18001a0d9504923af8489911496bf (patch)
treeb743741fc31b23266d9f39aa7761a0ff43722389
parent5d4a7cac5f5af6a11216a23651b804c6236995f7 (diff)
parent8fef7a476a7b7c24c7a121d291d6f3b6b0c82f86 (diff)
downloadgitlab-ce-7bacf9464ef18001a0d9504923af8489911496bf.tar.gz
Merge branch '10-1-stable' into 10-1-stable-patch-2
* 10-1-stable: Merge branch '32059-fix-oauth-phishing' into 'master'
-rw-r--r--changelogs/unreleased/32059-fix-oauth-phishing.yml6
-rw-r--r--config/locales/doorkeeper.en.yml2
2 files changed, 7 insertions, 1 deletions
diff --git a/changelogs/unreleased/32059-fix-oauth-phishing.yml b/changelogs/unreleased/32059-fix-oauth-phishing.yml
new file mode 100644
index 00000000000..1aaa7285309
--- /dev/null
+++ b/changelogs/unreleased/32059-fix-oauth-phishing.yml
@@ -0,0 +1,6 @@
+---
+title: Prevent OAuth phishing attack by presenting detailed wording about app to user
+ during authorization
+merge_request:
+author:
+type: security
diff --git a/config/locales/doorkeeper.en.yml b/config/locales/doorkeeper.en.yml
index 6f105d20771..b1c71095d4f 100644
--- a/config/locales/doorkeeper.en.yml
+++ b/config/locales/doorkeeper.en.yml
@@ -61,7 +61,7 @@ en:
api: Access the authenticated user's API
read_user: Read the authenticated user's personal information
openid: Authenticate using OpenID Connect
- sudo: Perform API actions as any user in the system
+ sudo: Perform API actions as any user in the system (if the authenticated user is an admin)
scope_desc:
api:
Full access to GitLab as the user, including read/write on all their groups and projects
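Review bot: The admin qualifier added to the `sudo` label appears only in the short `scopes` text. The longer `scope_desc` map begins at the end of this hunk and continues outside it, so it is not visible whether a `sudo` entry exists there or states the same condition. Judging by the changelog entry, these strings are what a user reads when deciding whether to authorize an application, so the short and long descriptions should agree. A comment above the key would also help the condition survive later edits and translation, e.g. `# sudo only has effect when the authorizing user is an admin; keep this qualifier in every locale`.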