News Score: Score the News, Sort the News, Rewrite the Headlines

GitLab password reset bug leaves more than 5.3K servers up for grabs

Critical GitLab vulnerability CVE-2023-7028 was not patched on more than 5,300 servers as of Tuesday, potentially enabling remote takeover of software developers’ accounts. The bug, with a maximum CVSS score of 10, was first disclosed and patched by GitLab on Jan. 11. The vulnerability in GitLab’s login system would allow an attacker to have a password reset link sent to their own unverified email address without any user interaction by the victim. “Account takeover can be achieved by crafting a s...

Read more at scmagazine.com
