mox@lemmy.sdf.org to Programming@programming.dev · 8 months agoMaximum-severity GitLab flaw allowing account hijacking under active exploitationarstechnica.comexternal-linkmessage-square6fedilinkarrow-up1141arrow-down12
arrow-up1139arrow-down1external-linkMaximum-severity GitLab flaw allowing account hijacking under active exploitationarstechnica.commox@lemmy.sdf.org to Programming@programming.dev · 8 months agomessage-square6fedilink
minus-squaresolrize@lemmy.worldlinkfedilinkarrow-up38·8 months agoSomehow they let attackers send themselves password reset links to arbitrary Gitlab accounts, apparently. Not good.
Somehow they let attackers send themselves password reset links to arbitrary Gitlab accounts, apparently. Not good.