GitLab Addresses Critical Zero-Click Vulnerabilities With Security Update
GitLab released critical security updates for both its Community and Enterprise Editions, addressing a severe authentication flaw (CVE-2023-7028) that allows account hijacking without user interaction. The vulnerability enables password reset requests to be sent to unverified email addresses, posing a significant risk to organizations using GitLab for hosting proprietary code and sensitive data. Users are advised to update vulnerable versions promptly to mitigate potential security risks.