CVE-2023-49947

CVE-2023-49947

EPSS 0.6%

Forgejo before 1.20.5-1 allows 2FA bypass when docker login uses Basic Authentication.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://codeberg.org/forgejo/forgejo/commit/44df78edd40076b349d50dc5fb02af417a44cfab https://forgejo.org/2023-11-release-v1-20-5-1/