From Cyber Security News – 5379 GitLab Servers are Vulnerable to Zero-Click Account Takeover Attacks

GitLab has released important security fixes for versions 16.7.2, 16.6.4, and 16.5.6 for GitLab Community Edition (CE) and Enterprise Edition (EE). The fixes address multiple bugs, including a critical account takeover vulnerability that does not require user interaction. Other fixes cover approval and removal bypass from CODEOWNERS, execution of slash commands by abusing Slack/Mattermost