GitLab fixed a critical zero-click account hijacking flaw

GitLab addressed two critical flaws impacting both the Community and Enterprise Edition, including a critical zero-click account hijacking vulnerability GitLab has released security updates to address two critical vulnerabilities impacting both the Community and Enterprise Edition. The most critical vulnerability, tracked as CVE-2023-7028 (CVSS score 10), is an account takeover via Password Reset. The flaw […]

account account hijacking account takeover address breaking news click community critical critical vulnerabilities critical vulnerability cve cvss cvss score enterprise flaw flaws gitlab hacking hijacking information security news it information security password pierluigi paganini score security security updates takeover updates vulnerabilities vulnerability zero-click zero-day