2026-01-22 22:01:50
Gitea
PUBLISHED
Giteas stopwatch API does not re-validate repository access permissions. After a users access to a private repository is revoked, they may still view issue titles and repository names through previously started stopwatches.