An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address.
CVE-2023-7028
Score elevated to 10.0 because this CVE is listed on the CISA Known Exploited Vulnerabilities catalog (added 2024-05-01), indicating real-world exploitation has been confirmed by US federal agencies. the CNA's CVSS baseline 10.0 retained for reference (NVD's own analysis pending). Confidence: HIGH.
- Actively exploited in the wild (CISA-KEV)
No vendor fix yet — apply a workaround or compensating control (WAF / firewall / segmentation) and watch for a patch.
- CVSS v3
- 10.0
- EG Score
- 10.0(high)
- EPSS
- 99.9%
- KEV
- ⚠ Exploited
Published
January 12, 2024
Last Modified
May 26, 2026
Advisory Details (4)
Auto-updated Jun 30, 2026Account Takeover via Password Reset without user interactions (#436084) · Issues · GitLab.org / GitLab · GitLab
https://gitlab.com/gitlab-org/gitlab/-/issues/436084Known Exploited Vulnerabilities Catalog | CISA
Known Exploited Vulnerabilities Catalog | CISA. Listed in CISA Known Exploited Vulnerabilities catalog.
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-7028Critical GitLab account takeover vulnerability (CVE-2023-7028) - vsociety
https://www.vicarius.io/vsociety/posts/critical-gitlab-account-takeover-vulnerability-cve-2023-7028Vendor Advisories for CVE-2023-7028(1)
These vendors published their own advisory mentioning this CVE — often with vendor-specific remediation steps + affected product lists not in NVD.
Weakness Classification(2)
MITRE Common Weakness Enumeration — the root-cause categories this CVE belongs to.
Data Freshness Timeline
(refreshed 93× in last 7d / 395× in last 30d)
Each row is a source pipeline that fetched or updated this CVE on that date, with what changed. For example, "NVD update" means NVD published or revised its analysis for this CVE; "MITRE cvelistV5" means we ingested or refreshed it from the CNA feed. Most recent first.
Showing the most recent 100 of 500 total refreshes for this CVE.
- 2026-07-07 08:52 UTCEG score recompute
- 2026-07-07 08:52 UTCGHSA enrichment
- 2026-07-07 04:59 UTCEG score recompute
- 2026-07-07 04:59 UTCGHSA enrichment
- 2026-07-07 01:08 UTCEG score recompute
- 2026-07-07 01:08 UTCGHSA enrichment
- 2026-07-06 21:16 UTCEG score recompute
- 2026-07-06 21:15 UTCGHSA enrichment
- 2026-07-06 17:22 UTCEG score recompute
- 2026-07-06 17:22 UTCGHSA enrichment
- 2026-07-06 16:26 UTCEPSS rescore
- 2026-07-06 16:26 UTCEPSS rescore
- 2026-07-06 13:29 UTCEG score recompute
- 2026-07-06 13:29 UTCGHSA enrichment
- 2026-07-06 09:36 UTCEG score recompute
- 2026-07-06 09:36 UTCGHSA enrichment
- 2026-07-06 05:44 UTCEG score recompute
- 2026-07-06 05:44 UTCGHSA enrichment
- 2026-07-06 02:22 UTCEPSS rescore
- 2026-07-06 02:22 UTCEPSS rescore
- 2026-07-06 01:51 UTCEG score recompute
- 2026-07-06 01:51 UTCGHSA enrichment
- 2026-07-05 21:59 UTCEG score recompute
- 2026-07-05 21:59 UTCGHSA enrichment
- 2026-07-05 18:07 UTCEG score recompute
Show 75 moreShow fewer
- 2026-07-05 18:07 UTCGHSA enrichment
- 2026-07-05 14:15 UTCEG score recompute
- 2026-07-05 14:15 UTCGHSA enrichment
- 2026-07-05 10:23 UTCEG score recompute
- 2026-07-05 10:23 UTCGHSA enrichment
- 2026-07-05 06:31 UTCEG score recompute
- 2026-07-05 06:31 UTCGHSA enrichment
- 2026-07-05 02:39 UTCEG score recompute
- 2026-07-05 02:39 UTCGHSA enrichment
- 2026-07-04 22:48 UTCEG score recompute
- 2026-07-04 22:48 UTCGHSA enrichment
- 2026-07-04 18:56 UTCEG score recompute
- 2026-07-04 18:56 UTCGHSA enrichment
- 2026-07-04 15:05 UTCEG score recompute
- 2026-07-04 15:05 UTCGHSA enrichment
- 2026-07-04 11:13 UTCEG score recompute
- 2026-07-04 11:13 UTCGHSA enrichment
- 2026-07-04 07:21 UTCEG score recompute
- 2026-07-04 07:21 UTCGHSA enrichment
- 2026-07-04 03:28 UTCEG score recompute
- 2026-07-04 03:28 UTCGHSA enrichment
- 2026-07-03 23:36 UTCEG score recompute
- 2026-07-03 23:36 UTCGHSA enrichment
- 2026-07-03 19:44 UTCEG score recompute
- 2026-07-03 19:44 UTCGHSA enrichment
- 2026-07-03 15:52 UTCEG score recompute
- 2026-07-03 15:52 UTCGHSA enrichment
- 2026-07-03 12:01 UTCEG score recompute
- 2026-07-03 12:01 UTCGHSA enrichment
- 2026-07-03 08:08 UTCEG score recompute
- 2026-07-03 08:08 UTCGHSA enrichment
- 2026-07-03 04:16 UTCEG score recompute
- 2026-07-03 04:15 UTCGHSA enrichment
- 2026-07-03 00:23 UTCEG score recompute
- 2026-07-03 00:22 UTCGHSA enrichment
- 2026-07-02 20:30 UTCEG score recompute
- 2026-07-02 20:30 UTCGHSA enrichment
- 2026-07-02 16:39 UTCEG score recompute
- 2026-07-02 16:39 UTCGHSA enrichment
- 2026-07-02 12:47 UTCEG score recompute
- 2026-07-02 12:47 UTCGHSA enrichment
- 2026-07-02 08:56 UTCEG score recompute
- 2026-07-02 08:56 UTCGHSA enrichment
- 2026-07-02 05:03 UTCEG score recompute
- 2026-07-02 05:03 UTCGHSA enrichment
- 2026-07-02 01:11 UTCEG score recompute
- 2026-07-02 01:11 UTCGHSA enrichment
- 2026-07-01 21:19 UTCEG score recompute
- 2026-07-01 21:19 UTCGHSA enrichment
- 2026-07-01 19:16 UTCCISA KEV update
- 2026-07-01 17:27 UTCEG score recompute
- 2026-07-01 17:27 UTCGHSA enrichment
- 2026-07-01 13:36 UTCEG score recompute
- 2026-07-01 13:36 UTCGHSA enrichment
- 2026-07-01 09:44 UTCEG score recompute
- 2026-07-01 09:44 UTCGHSA enrichment
- 2026-07-01 05:52 UTCEG score recompute
- 2026-07-01 05:52 UTCGHSA enrichment
- 2026-07-01 02:00 UTCEG score recompute
- 2026-07-01 02:00 UTCGHSA enrichment
- 2026-06-30 22:08 UTCEG score recompute
- 2026-06-30 22:08 UTCGHSA enrichment
- 2026-06-30 18:16 UTCEG score recompute
- 2026-06-30 18:16 UTCGHSA enrichment
- 2026-06-30 14:25 UTCEG score recompute
- 2026-06-30 14:25 UTCGHSA enrichment
- 2026-06-30 10:33 UTCEG score recompute
- 2026-06-30 10:32 UTCGHSA enrichment
- 2026-06-30 06:40 UTCEG score recompute
- 2026-06-30 06:40 UTCGHSA enrichment
- 2026-06-30 02:48 UTCEG score recompute
- 2026-06-30 02:48 UTCGHSA enrichment
- 2026-06-29 22:56 UTCEG score recompute
- 2026-06-29 22:56 UTCGHSA enrichment
- 2026-06-29 19:12 UTCCISA KEV update
Publicly available exploits
(10 references)Working exploit code is in the public domain (1 Metasploit module) (8 GitHub PoCs) (1 Exploit-DB entry). Defenders should treat patch urgency accordingly — public PoCs typically lead to mass-exploitation within 24-72 hours.
- GitHub PoCszybnev/CVE-2023-7028First seen Jul 21, 2025
This FORK of repository presents a proof-of-concept of CVE-2023-7028. I am only improve exploit usage
Open source ↗ - Open source ↗GitHub PoCsariamubeen/CVE-2023-7028First seen Feb 17, 2025
- Exploit-DBEDB-51889First seen Mar 14, 2024
GitLab CE/EE < 16.7.2 - Password Reset
Open source ↗ - GitHub PoCTrackflaw/CVE-2023-7028-DockerFirst seen Jan 25, 2024
Repository to install CVE-2023-7028 vulnerable Gitlab instance
Open source ↗ - Open source ↗GitHub PoCthanhlam-attt/CVE-2023-7028First seen Jan 23, 2024
- GitHub PoCEsonhugh/gitlab_honeypotFirst seen Jan 18, 2024
CVE-2023-7028 killer
Open source ↗ - GitHub PoCVozec/CVE-2023-7028First seen Jan 12, 2024
This repository presents a proof-of-concept of CVE-2023-7028
Open source ↗ - GitHub PoCRandomRobbieBF/CVE-2023-7028First seen Jan 12, 2024
CVE-2023-7028
Open source ↗ - GitHub PoCduy-31/CVE-2023-7028First seen Jan 12, 2024
An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address.
Open source ↗ - Metasploitauxiliary/admin/http/gitlab_password_reset_account_takeover✓ verifiedFirst seen Jan 11, 2024
GitLab Password Reset Account Takeover
Open source ↗
Related CVEs(same CWE)
Same CWE
10 shownCWE-284 · CWE-640
Frequently asked(6)
What is CVE-2023-7028?
When was CVE-2023-7028 disclosed?
Is CVE-2023-7028 actively exploited?
What is the CVSS score of CVE-2023-7028?
Which products are affected by CVE-2023-7028?
How do I remediate CVE-2023-7028?
Dependency Blast Radius
Explore the affected products and dependency analysis for CVE-2023-7028
Is Your Infrastructure Affected by CVE-2023-7028?
EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.