CVE-2025-4972 - CERT CVE
ID CVE-2025-4972
Sažetak An issue has been discovered in GitLab EE affecting all versions from 18.0 before 18.0.4 and 18.1 before 18.1.2 that could have allowed authenticated users with invitation privileges to bypass group-level user invitation restrictions by manipulating group invitation functionality.
Reference
CVSS
Base: 2.7
Impact: 1.4
Exploitability:1.2
Pristup
VektorSloženostAutentikacija
NETWORK LOW HIGH
Impact
PovjerljivostCjelovitostDostupnost
NONE LOW NONE
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
Zadnje važnije ažuriranje 10-07-2025 - 13:17
Objavljeno 10-07-2025 - 09:15