source.dussan.org Git - gitea.git/commit

]> source.dussan.org Git - gitea.git/commit

author	Giteabot <teabot@gitea.io>
	Mon, 13 Nov 2023 23:03:56 +0000 (07:03 +0800)
committer	GitHub <noreply@github.com>
	Mon, 13 Nov 2023 23:03:56 +0000 (00:03 +0100)
commit	69ea554e2362e5c4943c2463c2ec547bf631f18b
tree	c1edf3adee273eabf3b706d4c8901129fd915593	tree \| snapshot
parent	c077a084d7bac8acc1bd247b2bd3d60835a17ded	commit \| diff

Dont leak private users via extensions (#28023) (#28028)

Backport #28023 by @6543

there was no check in place if a user could see a other user, if you
append e.g. `.rss`

routers/web/user/home.go

diff | blob | history

Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD: https://github.com/go-gitea/gitea

RSS Atom