CVE-2023-7028
Description
An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address.
CVSS Version 3.1
CVE ID: CVE-2023-7028
Base Score: 9.8
Base Severity: CRITICAL
Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 3.9
CVE ID: CVE-2023-7028
Base Score: 10.0
Base Severity: CRITICAL
Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
Impact Score: 5.8
Exploitability Score: 3.9
Proof Of Concept
Nuclei Templates for CVE-2023-7028
Reference: Project Discovery GitHub
RandomRobbieBF
CVE-2023-7028
Reference: GitHub
googlei1996
CVE-2023-7028 poc
Reference: GitHub
duy-31
An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address.
Reference: GitHub
Vozec
This repository presents a proof-of-concept of CVE-2023-7028
Reference: GitHub
yoryio
Exploit for CVE-2023-7028 - GitLab CE/EE
Reference: GitHub
Esonhugh
CVE-2023-7028 killer
Reference: GitHub
Shimon03
Reference: GitHub
thanhlam-attt
Reference: GitHub
Trackflaw
Repository to install CVE-2023-7028 vulnerable Gitlab instance
Reference: GitHub
mochammadrafi
Python Code for Exploit Automation CVE-2023-7028
Reference: GitHub
hackeremmen
GitLab CVE-2023-7028
Reference: GitHub
soltanali0
Implementation and exploitation of CVE-2023-7028 account takeover vulnerability related to GO-TO CVE weekly articles of the 11th week.
Reference: GitHub
fa-rrel
CVE-2023-7028 POC && Exploit
Reference: GitHub
Content on GitHub
olebris | watchers:0
Exploit_CVE_2023_7028-
Exploit_CVE_2023_7028
Reference: GitHub