CVE-2023-49948

Опубликовано: 03 дек. 2023

Источник: debian

EPSS Низкий

Описание

Forgejo before 1.20.5-1 allows remote attackers to test for the existence of private user accounts by appending .rss (or another extension) to a URL.

Пакет	Статус	Версия исправления	Релиз	Тип
forgejo	itp			package

EPSS

Процентиль: 64%

0.00471

Низкий

CVE-2023-49948

CVSS3: 5.3

nvd

около 2 лет назад

Forgejo before 1.20.5-1 allows remote attackers to test for the existence of private user accounts by appending .rss (or another extension) to a URL.

GHSA-jg89-564w-4gwr

CVSS3: 5.3

github

около 2 лет назад

Forgejo before 1.20.5-1 allows remote attackers to test for the existence of private user accounts by appending .rss (or another extension) to a URL.

EPSS

Процентиль: 64%

0.00471

Низкий