Account Takeover via Password Reset without user interactions

Account Takeover via Password Reset without user interactions

on January 16, 2024

CVE-2023-7028

Account Takeover via Password Reset without user interactions

A critical vulnerability in GitLab CE/EE (CVE-2023-7028) can be easily exploited by attackers to reset GitLab user account passwords.

Link : https://github.com/RandomRobbieBF/CVE-2023-7028

Link : https://github.com/Vozec/CVE-2023-7028

Comments