A privilege escalation issue exists in GitLab CE/EE 9.0 and later when trigger tokens are not rotated once ownership of them has changed.
gitlab gitlab