GitLab Fixes Password Reset Bug That Allows Account Takeover
Security Boulevard securityboulevard.com
GitLab is releasing a patch to fix a vulnerability in its email verification process that bad actors can exploit to reset user passwords and take over accounts. The flaw, CVE-2023-7028, was introduced in May 2023 in GitLab 16.1.0, in which a change allowed users to reset their password through a secondary email.
The post GitLab Fixes Password Reset Bug That Allows Account Takeover appeared first on Security Boulevard.