Information Disclosure Vulnerability in RhodeCode and Kallithea API

Information Disclosure Vulnerability in RhodeCode and Kallithea API

CVE-2015-0260 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

RhodeCode before 2.2.7 and Kallithea 0.1 allows remote authenticated users to obtain API keys and other sensitive information via the get_repo API method.

Learn more about our Api Penetration Testing.