Critical GitLab Flaw Earns Bounty Hunter $20K