CVE-2023-51380
Incorrect Authorization allows Read Access to Issue Comments in GitHub Enterprise Server
An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed issue comments to be read with an improperly scoped token. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.7.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Productos afectados
GitHub · Enterprise Server¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1https://docs.github.com/en/enterprise-server@3.7/admin/release-notes#3.7.19https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7