CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability [email protected] (The Hacker News)

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical flaw impacting GitLab to its Known Exploited Vulnerabilities (KEV) catalog, owing to active exploitation in the wild.
Tracked as CVE-2023-7028 (CVSS score: 10.0), the maximum severity vulnerability could facilitate account takeover by sending password reset emails to an unverified emailRead More 


Posted

in

by

Tags: