Information Disclosure Vulnerability in RhodeCode API

Information Disclosure Vulnerability in RhodeCode API

CVE-2015-1613 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

RhodeCode before 2.2.7 allows remote authenticated users to obtain API keys and other sensitive information via the (1) update_repo, (2) get_locks, or (3) get_user_groups API method.

Learn more about our Api Penetration Testing.