Unauthenticated Access to Private Repository Actions in Forgejo

Unauthenticated Access to Private Repository Actions in Forgejo

CVE-2023-49946 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

In Forgejo before 1.20.5-1, certain endpoints do not check whether an object belongs to a repository for which permissions are being checked. This allows remote attackers to read private issues, read private pull requests, delete issues, and perform other unauthorized actions.

Learn more about our Web Application Penetration Testing UK.