2 matches found
CVE-2015-1613
RhodeCode before 2.2.7 allows remote authenticated users to obtain API keys and other sensitive information via the 1 updaterepo, 2 getlocks, or 3 getusergroups API method...
CVE-2015-1613
RhodeCode up to version 2.2.6 is affected by this CVE. Remote authenticated users can obtain API keys and other sensitive information through the update_repo, get_locks, or get_user_groups API methods. Root cause is an information disclosure path in the affected API endpoints. Impact is exposure ...