Back to directory
WRITEUP #551

Understanding GitLab EE/CE Account TakeOver (CVE-2023-7028)

Auth BypassAccount takeoverPassword reset
by@SolankiRV3(Ravi Solanki)
Program
GitLab
Published
Jan 17, 2024
Added to HackDex
Jan 18, 2024
Read Full Writeuphttps://secops.group/understanding-gitlab-ee-ce-account-takeover-cve-2023-7028/
RELATED WRITEUPS
Interesting Story of an Account Takeover Vulnerability
Auth BypassAccount takeover
Instagram and Meta 2FA Bypass by Unprotected Backup Code Retrieval in Accounts Center
Auth Bypass2FA / MFA bypass
Forced SSO Session Fixation
Auth BypassSSO
Account takeover on 8 years old public program
Auth BypassAccount takeover
Breaking the Barrier: Admin Panel Takeover Worth $3500
Auth BypassAuthentication bypass

Built with ❤️ by Shubham Rawat