Количество 3
Количество 3
CVE-2023-49946
In Forgejo before 1.20.5-1, certain endpoints do not check whether an object belongs to a repository for which permissions are being checked. This allows remote attackers to read private issues, read private pull requests, delete issues, and perform other unauthorized actions.
CVE-2023-49946
In Forgejo before 1.20.5-1, certain endpoints do not check whether an ...
GHSA-fv68-mgcx-47jh
In Forgejo before 1.20.5-1, certain endpoints do not check whether an object belongs to a repository for which permissions are being checked. This allows remote attackers to read private issues, read private pull requests, delete issues, and perform other unauthorized actions.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-49946 In Forgejo before 1.20.5-1, certain endpoints do not check whether an object belongs to a repository for which permissions are being checked. This allows remote attackers to read private issues, read private pull requests, delete issues, and perform other unauthorized actions. | CVSS3: 9.1 | 0% Низкий | около 2 лет назад |
| CVE-2023-49946 In Forgejo before 1.20.5-1, certain endpoints do not check whether an ... | CVSS3: 9.1 | 0% Низкий | около 2 лет назад |
| GHSA-fv68-mgcx-47jh In Forgejo before 1.20.5-1, certain endpoints do not check whether an object belongs to a repository for which permissions are being checked. This allows remote attackers to read private issues, read private pull requests, delete issues, and perform other unauthorized actions. | CVSS3: 9.1 | 0% Низкий | около 2 лет назад |
Уязвимостей на страницу