{"uuid": "4645895d-e867-4e60-93da-fd5c4a705504", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-7028", "type": "exploited", "source": "https://t.me/KomunitiSiber/1877", "content": "CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability\nhttps://thehackernews.com/2024/05/cisa-warns-of-active-exploitation-of.html\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has\u00a0added\u00a0a critical flaw impacting GitLab to its Known Exploited Vulnerabilities (KEV) catalog, owing to active exploitation in the wild.\nTracked as\u00a0CVE-2023-7028\u00a0(CVSS score: 10.0), the maximum severity vulnerability could facilitate account takeover by sending password reset emails to an unverified email", "creation_timestamp": "2024-05-02T09:18:22.000000Z"}