General Hacking GitLab user enumeration - GraphQL

[CyberGod]

Some GitLab instances have a public GraphQL endpoint, giving the possibility to enumerate users among other things.
There is not much to add, it's simple; you can use Shodan or Google Dorks to find GitLab instances, then change

You must reply before you can see the hidden data contained here.

Proof