Vulnerability: Unauthorized Modification and Deletion of Pull Requests and Comments in Kallithea

Vulnerability: Unauthorized Modification and Deletion of Pull Requests and Comments in Kallithea

CVE-2016-3114 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

Kallithea before 0.3.2 allows remote authenticated users to edit or delete open pull requests or delete comments by leveraging read access.

Learn more about our User Device Pen Test.