"1,400 GitLab Servers Impacted by Exploited Vulnerability"

The US Cybersecurity and Infrastructure Security Agency (CISA) warns that a critical vulnerability in GitLab's email verification process is being exploited for password hijacking. The flaw, tracked as CVE-2023-7028 with a CVSS score of 10, enables password reset messages to be sent to unverified email addresses, allowing attackers to hijack the password reset process and take over accounts. This article continues to discuss the critical vulnerability in GitLab's email verification process.

SecurityWeek reports "1,400 GitLab Servers Impacted by Exploited Vulnerability"

Submitted by grigby1
