Security Advisory

CVE-2018-1000803

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-10-08 15:00:00

Last updated 2024-09-16 20:36:30

Assigner mitre

State PUBLISHED

Description

Gitea version prior to version 1.5.1 contains a CWE-200 vulnerability that can result in Exposure of users private email addresses. This attack appear to be exploitable via Watch a repository to receive email notifications. Emails received contain the other recipients even if they have the email set as private. This vulnerability appears to have been fixed in 1.5.1.

← Browse all CVEs View on cve.org ↗