Insufficient Permission Verification in Git Version Control API Allows Unauthorized Project Modifications

Insufficient Permission Verification in Git Version Control API Allows Unauthorized Project Modifications

CVE-2022-1502 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Permissions were not properly verified in the API on projects using version control in Git. This allowed projects to be modified by users with only ProjectView permissions.

Learn more about our Api Penetration Testing.