17 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-7028
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5,...
Exploit for Weak Password Recovery Mechanism for Forgotten Password in Gitlab
CVE-2023-7028 | Account-Take-Over Gitlab Disclamer This c...
📄 GitLab 16.7.2 Account Takeover
GitLab version 16.7.2 proof of concept account takeover via password reset exploit. Exploit Title: GitLab 16.7.2 - Account Takeover via Password Reset without user interactions Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H:...
Exploit for Weak Password Recovery Mechanism for Forgotten Password in Gitlab
CVE-2023-7028 Exploit - GitLab Password Reset Poisoning Vulner...
CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency CISA has added a critical flaw impacting GitLab to its Known Exploited Vulnerabilities KEV catalog, owing to active exploitation in the wild. Tracked as CVE-2023-7028 CVSS score: 10.0, the maximum severity vulnerability could facilitate...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-7028 GitLab Community and Enterprise Editions Improper Access Control Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cybe...
GitLab CE/EE Password Reset
Exploit Title: GitLab CE/EE 16.7.2 - Password Reset Exploit Author: Sebastian Kriesten 0xB455 Twitter: https://twitter.com/0xB455 Date: 2024-01-12 Vendor Homepage: gitlab.com Vulnerability disclosure: https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/...
GitLab CE/EE < 16.7.2 - Password Reset Vulnerability
Exploit Title: GitLab CE/EE 16.7.2 - Password Reset Exploit Author: Sebastian Kriesten 0xB455 Twitter: https://twitter.com/0xB455 Vendor Homepage: gitlab.com Vulnerability disclosure: https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/ Version: 16.7.2,...
GitLab CE/EE < 16.7.2 - Password Reset
Exploit Title: GitLab CE/EE 16.7.2 - Password Reset Exploit Author: Sebastian Kriesten 0xB455 Twitter: https://twitter.com/0xB455 Date: 2024-01-12 Vendor Homepage: gitlab.com Vulnerability disclosure: https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/...
GitLab warns zero-click vulnerability could lead to account takeovers
GitLab has issued a warning about a critical vulnerability in GitLab Community Edition CE and Enterprise Edition EE. GitLab is an online DevOps platform that allows developers to collaborate on creating software. Organizations have a choice to install GitLab on their own servers or under GitLab’s...
Exploit for Weak Password Recovery Mechanism for Forgotten Password in Gitlab
CVE-2023-7028 | Account-Take-Over Gitlab Disclamer This co...
CVE-2023-7028 Weak Password Recovery Mechanism for Forgotten Password in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to a...
CVE-2023-7028 Weak Password Recovery Mechanism for Forgotten Password in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to a...
CVE-2023-7028
creationtimestamp| type| source ---|---|--- 2024-01-12 10:15:15+00:00| published-proof-of-concept| https://t.me/techb0ltGenona/4222 2024-01-12 10:50:50+00:00| published-proof-of-concept| https://t.me/LearnExploit/5995 2024-01-12 12:51:42+00:00| seen| https://t.me/ctinow/167227 2024-01-12...
CVE-2023-7028
An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to a...
FreeBSD : Gitlab -- vulnerabilities (4c8c2218-b120-11ee-90ec-001b217b3468)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 4c8c2218-b120-11ee-90ec-001b217b3468 advisory. - An issue has been discovered in GitLab CE/EE affecting all versions from 12.2 prior to 16.5....
GitLab 16.1 < 16.1.6 / 16.2 < 16.2.9 / 16.3 < 16.3.7 / 16.4 < 16.4.5 / 16.5 < 16.5.6 / 16.6 < 16.6.4 / 16.7 < 16.7.2 (CVE-2023-7028)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to...