Jan. 24, 2024, 7:05 p.m. | Pierluigi Paganini

Security Affairs securityaffairs.co

Thousands of GitLab servers are vulnerable to zero-click account takeover attacks exploiting the flaw CVE-2023-7028. GitLab has recently released security updates to address two critical vulnerabilities impacting both the Community and Enterprise Edition. The most critical vulnerability, tracked as CVE-2023-7028 (CVSS score 10), is an account takeover via Password Reset. The flaw can be exploited […]

