A vulnerability was found in GitHub Community Edition and Enterprise Edition up to 16.7.1. It has been declared as critical. This vulnerability affects unknown code of the component Password Reset. The manipulation leads to an unknown weakness.

This vulnerability was named CVE-2023-7028. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.