GitLab Patches Critical Account Takeover Vulnerability

DevOps platform GitLab has reset the passwords of some user accounts, after addressing a critical account takeover vulnerability.

According to the company, in GitLab Community Edition (CE) and Enterprise Edition (EE) versions prior to 14.7.7, 14.8.5, and 14.9.2, a hardcoded password was set when the account was registered using an OmniAuth provider.
