Hi Sir, mv-data.at Team Introduce, I'm Alexander. I work as Bug Bounty Hunter. I found a vulnerability in an existing Gitlab system Gitlab RCE which allows me to change the gitlab administrator/root password (Takeover admin gitlab login) and also be able to view all source code and secret credentials make reverse shell to the operation system. This finding is Critical Vulnerability. Impact:
Attacker can delete and download the source code and obtain various credentials. (database[SQL Command], API, credential : username & password) Attacker can embed ransomware and demand a ransom for all your data Can distribute the existing code in gitlab or sell it causing damage to the reputation Can exploit the gitlab and all source code of your data dev or master RCE Access can delete and manage your files or data. Email: alexandergiat@gmail.com