CVE-2023-49948
03.12.2023, 19:15
Forgejo before 1.20.5-1 allows remote attackers to test for the existence of private user accounts by appending .rss (or another extension) to a URL.Enginsight
| Vendor | Product | Version |
|---|---|---|
| forgejo | forgejo | 𝑥 < 1.20.5-1 |
𝑥
= Vulnerable software versions
References