Sentry · Sentry · CVE-2022-23485
**Name of the Vulnerable Software and Affected Versions**
Sentry versions prior to 22.11.0
**Description**
Sentry is an error tracking and performance monitoring platform. An attacker with a known valid invite link could manipulate a cookie to allow the same invite link to be reused on multiple accounts when joining an organization. As a result, an attacker with a valid invite link can create multiple users and join an organization they may not have been originally invited to.
**Recommendations**
For versions prior to 22.11.0, update to version 22.11.0 or later to resolve the issue.
For self-hosted Sentry installs that cannot upgrade, disable the invite functionality by editing the `sentry.conf.py` file and setting `SENTRY_FEATURES["organizations:invite-members"]` to `False`, then restart the Sentry web service.
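To audit a self-hosted install against the two recommendations above, the following added example (not code from Sentry or from this advisory) classifies an install from its version string and the text of its `sentry.conf.py`. The function names and the sample config are hypothetical, and it assumes the flag is set with a plain top-level assignment.

```python
import ast
import re

FIXED_VERSION = (22, 11, 0)  # first fixed release named in the advisory
FLAG = "organizations:invite-members"  # feature flag named in the workaround

# Constructed sample config, not taken from a real install.
SAMPLE_CONF = '''
from sentry.conf.server import *
# SENTRY_FEATURES["organizations:invite-members"] = True
SENTRY_FEATURES["organizations:invite-members"] = False
'''


def parse_version(text):
    """Return the leading MAJOR.MINOR.PATCH of a version string as a tuple."""
    m = re.match(r"\s*v?(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(p) for p in m.groups())


def invite_flag_value(conf_source):
    """Return the last constant assigned to SENTRY_FEATURES[FLAG], else None.

    Parsing the AST (Python 3.9+) ignores commented-out lines. Only top-level
    subscript assignments are recognised; other styles are treated as unset.
    """
    value = None
    for node in ast.parse(conf_source).body:
        if not (isinstance(node, ast.Assign) and isinstance(node.value, ast.Constant)):
            continue
        for target in node.targets:
            if (isinstance(target, ast.Subscript)
                    and isinstance(target.value, ast.Name)
                    and target.value.id == "SENTRY_FEATURES"
                    and isinstance(target.slice, ast.Constant)
                    and target.slice.value == FLAG):
                value = node.value.value  # a later assignment overrides an earlier one
    return value


def assess(version, conf_source):
    """Classify an install as 'patched', 'mitigated' or 'exposed'."""
    if parse_version(version) >= FIXED_VERSION:
        return "patched"
    if invite_flag_value(conf_source) is False:
        return "mitigated"
    return "exposed"
```

A "mitigated" result only reflects the file on disk; it does not confirm that the Sentry web service was restarted after the edit.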