RhodeCode prior to 2.2.7 and Kallithea 0.1 allows remote authenticated users to obtain API keys and other sensitive information via the get_repo API method.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
rhodecode rhodecode enterprise |
||
kallithea-scm kallithea 0.1 |