1,400 GitLab Servers Impacted by Exploited Vulnerability
A critical vulnerability in GitLab’s email verification process, which can lead to password hijacking, is being exploited in the wild, the US cybersecurity agency CISA warns. Tracked as CVE-2023-7028 (CVSS score of 10/10), the flaw allows for password reset messages to be sent to email addresses that have not been verified, enabling attackers to hijack…