1,400 GitLab Servers Impacted by Exploited Vulnerability

Sara Gilbert, Ph.D.

May 9, 2024

Recently, a critical vulnerability in GitLab servers (CVE-2023-7028) allowed attackers to take over accounts by having password reset emails delivered to unverified email addresses. Multiple GitLab versions were affected, and although patches were released in January 2024, there was evidence that attackers were actively exploiting the vulnerability.

“GitLab patched the security defect in January 2024, warning that GitLab Community Edition (CE) and Enterprise Edition (EE) versions 16.1 to 16.7.1 are affected. Fixes were included in GitLab versions 16.5.6, 16.6.4, and 16.7.2 and backported to versions 16.1.6, 16.2.9, 16.3.7, and 16.4.5. GitLab said at the time that it had not observed in-the-wild exploitation of CVE-2023-7028, but CISA on Wednesday added the bug to its Known Exploited Vulnerabilities (KEV) Catalog, saying it has evidence of active exploitation. SecurityWeek has not seen other reports of CVE-2023-7028 being targeted in attacks.”
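The quoted advisory text gives everything an administrator needs for a first triage: the affected range (16.1 through 16.7.1) and the fix release for each minor branch. The script below, an added example that is not GitLab's or Fr0ntierX's code, turns those numbers into a version check that can be run over a host inventory. The inventory, the host names and the `assess`/`triage` helper names are constructed for illustration; the version boundaries are exactly those quoted above.

```python
"""Triage GitLab instances against the CVE-2023-7028 version ranges.

Added example. Affected range and fix releases are taken from the advisory
text quoted on this page; everything else (function names, sample inventory)
is constructed for illustration and is not GitLab's own tooling.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, int, int]

# Fix release per minor branch, as listed in the advisory: 16.5.6, 16.6.4,
# 16.7.2, backported to 16.1.6, 16.2.9, 16.3.7 and 16.4.5.
FIXED_BY_BRANCH: Dict[Tuple[int, int], Version] = {
    (16, 1): (16, 1, 6),
    (16, 2): (16, 2, 9),
    (16, 3): (16, 3, 7),
    (16, 4): (16, 4, 5),
    (16, 5): (16, 5, 6),
    (16, 6): (16, 6, 4),
    (16, 7): (16, 7, 2),
}
AFFECTED_LOW: Version = (16, 1, 0)          # first affected release
LAST_AFFECTED_BRANCH: Tuple[int, int] = (16, 7)  # 16.8+ shipped after the fix


def parse_version(text: str) -> Version:
    """Parse '16.7.1', 'v16.7.1' or '16.7.1-ee' into a comparable tuple."""
    core = text.strip().lstrip("v").split("-")[0]
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised GitLab version: {text!r}")
    major, minor, patch = (int(p) for p in parts)
    return (major, minor, patch)


@dataclass
class Assessment:
    version: Version
    vulnerable: bool
    fixed_in: Optional[Version]  # None when the branch was never affected


def assess(version_text: str) -> Assessment:
    """Decide whether a single GitLab version is still exposed to CVE-2023-7028."""
    v = parse_version(version_text)
    branch = (v[0], v[1])
    # Releases before 16.1.0 and branches after 16.7 are outside the affected range.
    if v < AFFECTED_LOW or branch > LAST_AFFECTED_BRANCH:
        return Assessment(v, False, None)
    fixed = FIXED_BY_BRANCH[branch]
    # Inside 16.1..16.7: exposed unless the instance is at or past its branch's fix.
    return Assessment(v, v < fixed, fixed)


def fmt(v: Version) -> str:
    return ".".join(str(n) for n in v)


def triage(inventory: Dict[str, str]) -> List[Tuple[str, str, str]]:
    """Return (host, running_version, upgrade_to) for every host still exposed."""
    exposed = []
    for host, version_text in sorted(inventory.items()):
        a = assess(version_text)
        if a.vulnerable and a.fixed_in is not None:
            exposed.append((host, fmt(a.version), fmt(a.fixed_in)))
    return exposed


# Constructed sample inventory (host names and versions are made up).
SAMPLE_INVENTORY = {
    "git-prod-1": "16.7.1-ee",
    "git-prod-2": "16.7.2-ee",
    "git-staging": "v16.5.3",
    "git-legacy": "16.0.9",
    "git-new": "16.8.0",
}

if __name__ == "__main__":
    for host, running, upgrade_to in triage(SAMPLE_INVENTORY):
        print(f"{host}: running {running}, upgrade to at least {upgrade_to}")
```

A version check only tells you which instances were exposed; it does not tell you whether an exposed instance was actually abused before it was patched. Treat any host the script flags as one whose account-recovery activity during the exposure window deserves a separate review.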

Fr0ntierX offers cybersecurity and access management solutions by utilizing artificial intelligence to secure and protect sensitive data throughout its lifecycle. Our comprehensive and multilayered approach prioritizes user privacy while continuing to provide granular-level insights and analytics for strategic decision making. With features including multifactor authentication, advanced encryption, biometrics, and more, Fr0ntierX ensures actionable insights without ever compromising personal information and data security.

© 2024 Fr0ntierX Inc. All rights reserved. Janus and the Janus logo are trademarks of Fr0ntierX Inc.
