CVE-2023-7028
Description
An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address.
Severity: HIGH
CVE ID: CVE-2023-7028
CVSS Score: 7.5
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: CRITICAL
CVE ID: CVE-2023-7028
CVSS Score: 10.0
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
Proof Of Concept
Nuclei Templates for CVE-2023-7028
Reference: Project Discovery GitHub
V1lu0
CVE-2023-7028 poc
Reference: GitHub
RandomRobbieBF
CVE-2023-7028
Reference: GitHub
duy-31
An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address.
Reference: GitHub
Vozec
This repository presents a proof-of-concept of CVE-2023-7028
Reference: GitHub
yoryio
Exploit for CVE-2023-7028 - GitLab CE/EE
Reference: GitHub
Esonhugh
CVE-2023-7028 killer
Reference: GitHub
Shimon03
Reference: GitHub
thanhlam-attt
Reference: GitHub
Trackflaw
Repository to install CVE-2023-7028 vulnerable Gitlab instance
Reference: GitHub
mochammadrafi
Python Code for Exploit Automation CVE-2023-7028
Reference: GitHub
hackeremmen
GitLab CVE-2023-7028
Reference: GitHub