CISA Adds GitLab Flaw to its Known Exploited Vulnerabilities Catalog
CISA Adds GitLab Flaw to its Known Exploited Vulnerabilities Catalog
02 May 2024
This flaw allows for an account takeover via Password Reset, enabling attackers to hijack accounts without any interaction. The affected versions range from 16.1 to 16.7, with GitLab releasing patches for versions 16.1.6 to 16.7.2.