FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gitea -- information disclosure

Affected packages
gitea < 1.20.3


VuXML ID 36a37c92-44b1-11ee-b091-6162c1274384
Discovery 2023-06-06
Entry 2023-08-27

The Gitea team reports:

Fix API leaking Usermail if not logged in

The API should only return the real Mail of a User, if the caller is logged in. The check do to this don't work. This PR fixes this. This not really a security issue, but can lead to Spam.