Lucene search
K

5 matches found

NVD
NVD
added 2023/12/21 9:15 p.m.41 views

CVE-2023-51379

An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed issue comments to be updated with an improperly scoped token. This vulnerability did not allow unauthorized access to any repository content as it also required contents:write and issues:read...

4.9CVSS0.00611EPSS
Exploits0References5
Prion
Prion
added 2023/12/21 9:15 p.m.22 views

Authorization

An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed issue comments to be updated with an improperly scoped token. This vulnerability did not allow unauthorized access to any repository content as it also required contents:write and issues:read...

3.3CVSS6.9AI score0.00611EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2023/12/21 9:15 p.m.18 views

Authorization

An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed issue comments to be read with an improperly scoped token. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.17.19, 3.8.12, 3.9.7, 3.10.4, and...

4CVSS6.8AI score0.00467EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2023/12/21 12:0 a.m.5 views

PT-2023-31800 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions 3.7 through 3.7.18 GitHub Enterprise Server versions 3.8 through 3.8.11 GitHub Enterprise Server versions 3.9 through 3.9.6 GitHub Enterprise Server versions 3.10 through 3.10.3 GitHub Enterprise Server...

4.3CVSS7AI score0.00467EPSS
Exploits0References11
Hacker One
Hacker One
added 2023/09/28 3:52 a.m.25 views

GitHub: [PATs] Ability to leak comments from issues without ANY "Issues" repo permissions by utilizing "Pull Request" permissions

An incorrect authorization vulnerability in GitHub Enterprise Server allowed issue comments to be read without proper permissions through improperly scoped tokens...

4.3CVSS4.5AI score0.00467EPSS
Exploits0
Rows per page
Query Builder