7 matches found
Information Disclosure
code.gitea.io/gitea is vulnerable to information disclosure. The vulnerability is due to improper exposure of user metadata through sortable fields such as last login time, which allows an attacker to infer users' login activity by manipulating the explore/users sort order...
SUSE CVE-2025-68943
Gitea before 1.21.8 inadvertently discloses users' login times by allowing for example the lastlogintime explore/users sort order...
Gitea inadvertently discloses users' login times by allowing (for example) the lastlogintime explore/users sort order
Gitea before 1.21.8 inadvertently discloses users' login times by allowing for example the lastlogintime explore/users sort order...
CVE-2025-68943
Gitea before 1.21.8 inadvertently discloses users' login times by allowing for example the lastlogintime explore/users sort order...
CVE-2025-68943
Summary: Gitea before 1.21.8 exposes users’ login times by the lastlogintime sort on the Explore/Users page. Affected: Gitea (code.gitea.io/gitea) prior to 1.21.8, including related models/routers. Root cause: sorting logic allows inadvertent disclosure of login timestamps. Impact: disclosure of ...
UBUNTU-CVE-2021-32477
The last time a user accessed the mobile app is displayed on their profile page, but should be restricted to users with the relevant capability site administrators by default. Moodle versions 3.10 to 3.10.3 are affected...
openSUSE Security Update : fossil (openSUSE-2017-949)
This update for fossil to version 2.3 fixes the following issues : - Potential XSS vulnerability on the /help webpage boo1053267 This update also contains all upstream improvements and fixes in version 2.3 : - Update internal Unicode character tables, used in regular expression handling, from...