2.7 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
0.001 Low
EPSS
Percentile
29.8%
An issue has been discovered in GitLab EE affecting all versions before
15.0.5, all versions starting from 15.1 before 15.1.4, all versions
starting from 15.2 before 15.2.1. It may be possible for email invited
members to join a project even after the Group Owner has enabled the
setting to prevent members from being added to projects in a group, if the
invite was sent before the setting was enabled.