One Request to Own Every Repo: How We Hijacked GitLab Through Its MCP Server
How We Made a GitLab MCP Server Hand Us Its Own Access Token What we found: Two Critical vulnerabilities in gitlab-mcp – the most popular community GitLab MCP server, with 200K+ downloads. Either one, on…