gitlab account takeover audit
Today's GitLab release include a fix for a full account takeover based on a failed password reset mechanism.
This issue was introduced in GitLab 16.1, released on May 1, 2023. We need to verify whether this vulnerability was exploited on our server.