Alert: GitLab Users Urged to Patch Critical 100-Day-Old Flaw Exploited by Hackers
May 4, 2024
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that a critical GitLab vulnerability, CVE-2023-7028, is being actively exploited.
The flaw lets an attacker abuse the 'forgot your password' feature so that the reset link for a targeted account is delivered to an attacker-controlled mailbox as well, giving them a working reset link without any access to the victim's inbox and without any interaction from the victim.
Both GitLab Community Edition and Enterprise Edition are affected. GitLab shipped fixes in January (16.7.2, with backports to 16.6.4 and 16.5.6), yet many self-managed instances have still not been updated.
Multi-factor authentication (MFA) only partially protects an account: an attacker can still reset the password of an MFA-protected account, but cannot complete a login without the second factor. Roughly half of the internet-exposed instances observed reportedly remain unpatched.
CISA has added the flaw to its Known Exploited Vulnerabilities catalog, which under BOD 22-01 requires all federal civilian agencies to patch it (by May 22, 2024), and it urges all affected users to follow GitLab's incident response guide.
Organizations should update to a patched GitLab release or, if an immediate upgrade is not feasible, apply temporary mitigations and review their instances for signs of compromise.
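The incident response guide referenced above tells administrators to look in gitlab-rails/production_json.log for POST requests to /users/password whose user email parameter is a JSON array with more than one address, since a legitimate reset form submits a single string. The script below is an added example written for this page, not GitLab's own tooling; the log lines it scans are constructed for illustration, and the exact shape of the params field (a list of key/value objects with the form fields under the "user" key) is assumed from GitLab's JSON request logging.

```python
import json

# Constructed sample of gitlab-rails/production_json.log lines (not real telemetry).
# Line 1: a normal reset request (email is a single string).
# Line 2: the exploit pattern (email is an array carrying a second, attacker address).
# Line 3: unrelated request; line 4: junk that must not crash the scanner.
SAMPLE_LOG = """\
{"method":"POST","path":"/users/password","controller":"PasswordsController","action":"create","status":302,"remote_ip":"203.0.113.10","params":[{"key":"authenticity_token","value":"[FILTERED]"},{"key":"user","value":{"email":"alice@example.com"}}],"time":"2024-01-12T08:01:00.000Z"}
{"method":"POST","path":"/users/password","controller":"PasswordsController","action":"create","status":302,"remote_ip":"198.51.100.7","params":[{"key":"authenticity_token","value":"[FILTERED]"},{"key":"user","value":{"email":["alice@example.com","attacker@evil.invalid"]}}],"time":"2024-01-12T08:02:30.000Z"}
{"method":"GET","path":"/users/sign_in","controller":"SessionsController","action":"new","status":200,"remote_ip":"198.51.100.7","params":[],"time":"2024-01-12T08:02:31.000Z"}
not json at all
"""

# Password-reset endpoint named in GitLab's incident response guidance.
RESET_PATH = "/users/password"


def submitted_emails(params):
    """Return the email value(s) submitted under the 'user' form key, as a list.

    A normal request yields a one-element list; the exploit yields several
    addresses because the attacker sends user[email][] as an array.
    """
    for entry in params or []:
        if entry.get("key") == "user" and isinstance(entry.get("value"), dict):
            email = entry["value"].get("email")
            if isinstance(email, list):
                return [str(e) for e in email]
            if email is not None:
                return [str(email)]
    return []


def find_suspicious_resets(lines):
    """Scan production_json.log lines; report reset POSTs with more than one email."""
    hits = []
    for lineno, raw in enumerate(lines, 1):
        line = raw.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # non-JSON noise in the log is ignored, not fatal
        if rec.get("method") != "POST" or rec.get("path") != RESET_PATH:
            continue
        emails = submitted_emails(rec.get("params"))
        if len(emails) > 1:
            hits.append({
                "line": lineno,
                "time": rec.get("time"),
                "remote_ip": rec.get("remote_ip"),
                "emails": emails,
            })
    return hits


if __name__ == "__main__":
    # Real use: python scan.py < /var/log/gitlab/gitlab-rails/production_json.log
    import sys
    source = sys.stdin if not sys.stdin.isatty() else SAMPLE_LOG.splitlines()
    for hit in find_suspicious_resets(source):
        print(f"line {hit['line']} {hit['time']} from {hit['remote_ip']}: "
              f"reset requested for {hit['emails']}")
```

A hit shows which accounts had a reset link sent to an extra address and from which source IP, which is the starting point for rotating those accounts' credentials and tokens. The same guidance points to gitlab-rails/audit_json.log entries with meta.caller.id of PasswordsController#create and an array-valued target_details, which can be scanned the same way; note that rotated logs must be included, since the flaw has been exploitable since before the January patch.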
Adopting additional security measures such as a zero-trust architecture, multifactor authentication, and privileged access management can limit the damage an account takeover like this one can do.
Organizations are recommended to establish a rapid response protocol for patching critical vulnerabilities to ensure swift action in such events.
Summary based on 2 sources
Sources
Dark Reading • May 3, 2024: Critical GitLab Bug Under Exploit Enables Account Takeover, CISA Warns
Security Boulevard • May 3, 2024: GitLab 'Perfect 10' Bug Gets a CISA Warning: PATCH NOW