CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

RedhatCVE•added 2026/01/09 12:36 p.m.•4 views

CVE-2023-49948

Forgejo before 1.20.5-1 allows remote attackers to test for the existence of private user accounts by appending .rss or another extension to a URL...

5.3CVSS7AI score0.0081EPSS

Exploits0References1

Circl•added 2023/12/05 10:6 a.m.•3 views

CVE-2023-49948

creationtimestamp| type| source ---|---|--- 2023-12-05 10:06:14+00:00| published-proof-of-concept| https://t.me/WARLOCKDARKARMYOFFICIALS/3644 2023-12-05 10:59:01+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/9524 2023-12-14 06:35:37+00:00| published-proof-of-concept|...

5.3CVSS5.8AI score0.0081EPSS

Exploits0References5

ATTACKERKB•added 2023/12/03 7:15 p.m.•3 views

CVE-2023-49948

Forgejo before 1.20.5-1 allows remote attackers to test for the existence of private user accounts by appending .rss or another extension to a URL...

5.3CVSS6.1AI score0.0081EPSS

Exploits0References4

OSV•added 2023/12/03 7:15 p.m.•4 views

CVE-2023-49948

Forgejo before 1.20.5-1 allows remote attackers to test for the existence of private user accounts by appending .rss or another extension to a URL...

5.3CVSS6.1AI score0.0081EPSS

Exploits0References3

CVE•added 2023/12/03 12:0 a.m.•36 views

CVE-2023-49948

Forgejo before 1.20.5-1 is vulnerable to Information Disclosure: an attacker can determine the existence of private user accounts by appending a URL extension such as .rss, due to a lack of appropriate view-permission checks in the UsernameSubRoute/home.go path. The issue affects Forgejo releases...

5.3CVSS5.2AI score0.0081EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by