CVE-2023-7028

Description

An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address.

CVSS v3.1 Score

10.0

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild.

Added: May 1, 2024 Remediation due: May 22, 2024

Weakness Type (CWE)

CWE-640 CWE-640

Affected Products

Vendor	Product	Versions
gitlab	gitlab	16.1.0 — 16.1.6
gitlab	gitlab	16.1.0 — 16.1.6
gitlab	gitlab	16.2.0 — 16.2.9
gitlab	gitlab	16.2.0 — 16.2.9
gitlab	gitlab	16.3.0 — 16.3.7
gitlab	gitlab	16.3.0 — 16.3.7
gitlab	gitlab	16.4.0 — 16.4.5
gitlab	gitlab	16.4.0 — 16.4.5
gitlab	gitlab	16.5.0 — 16.5.6
gitlab	gitlab	16.5.0 — 16.5.6
gitlab	gitlab	16.6.0 — 16.6.4
gitlab	gitlab	16.6.0 — 16.6.4
gitlab	gitlab	16.7.0 — 16.7.2
gitlab	gitlab	16.7.0 — 16.7.2

References

Frequently Asked Questions

What is CVE-2023-7028? +

An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address. It has a CVSS v3.1 base score of 10.0 (CRITICAL). This vulnerability is listed in CISA's Known Exploited Vulnerabilities catalog, indicating active exploitation in the wild.

How severe is CVE-2023-7028? +

CVE-2023-7028 has a CVSS v3.1 score of 10.0 out of 10, rated CRITICAL. This is a critical vulnerability that should be patched immediately.

What products are affected by CVE-2023-7028? +

CVE-2023-7028 affects products from gitlab, specifically: gitlab. Check the affected products table above for specific version ranges.

How do I check if I'm vulnerable to CVE-2023-7028? +

You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2025-29995

This vulnerability exists in the CAP back office application due to a weak password-reset mechanism implemented at API endpoints. An …

CVE-2025-53373

Natours is a Tour Booking API. The attacker can easily take over any victim account by injecting an attacker-controlled server …

CVE-2024-11350 9.8

The AdForest theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, …

CVE-2025-22144 9.8

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. A user with admincp.core.emails or admincp.users.edit …

CVE-2025-31380 9.8

Weak Password Recovery Mechanism for Forgotten Password vulnerability in videowhisper Paid Videochat Turnkey Site ppv-live-webcams allows Password Recovery Exploitation.This issue …

CVE-2025-47646 9.8

Weak Password Recovery Mechanism for Forgotten Password vulnerability in Gilblas Ngunte Possi PSW Front-end Login & Registration psw-login-and-registration allows Password …

Description

CVSS v3.1 Score

CISA Known Exploited Vulnerability

Weakness Type (CWE)

Affected Products

References

Advisories & Patches

Exploits

Other References

Frequently Asked Questions

Related Vulnerabilities

Don't wait for an exploit