CVE-2020-11649

An issue was discovered in GitLab CE and EE 8.15 through 12.9.2. Members of a group could still have access after the group is deleted.
Source: NIST
CVE-2020-11649