CVE 2021-22243
Under specialized conditions, GitLab CE/EE versions starting 7.10 may allow existing GitLab users to use an invite URL meant for another email address to gain access into a group.
See the
CVE page on Mitre.org
for more details.