GitLab
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*
- >= 18.0, < 18.0.4
- >= 18.1, < 18.1.2
A vulnerability exists in GitLab EE versions 18.0 prior to 18.0.4 and 18.1 prior to 18.1.2 that allows authenticated users with invitation privileges to bypass group-level user invitation restrictions. The bypass goes through the group invitation functionality, specifically the API endpoint used to share a group with another group.
Exploiting this vulnerability lets a user invite groups into their own group even when the group settings are meant to prevent such invitations.
To reproduce this vulnerability, first activate a GitLab Ultimate trial for your group. Then, create a custom role for a user that includes the permission to manage group members. Assign this role to the user. Next, enable the 'Disable user invitations' feature in the group settings. Despite this feature being active, the user can still invite entire groups using a direct API request, effectively bypassing the restriction.
Upgrade to GitLab EE version 18.0.4 or 18.1.2, where this vulnerability has been fixed.