The following URL (usually /.git/config
) is publicly accessible and is leaking source code and repository configuration.
Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522b71f38a4
[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "tokenorigin"] url = https://oauth2:uQCu5YMMrQ71k23Q3jGK@gitlab.wings-ict-solutions.dev/wingspark-plus/wingsparkplus-platform/wingsparkplus-frontend.git fetch = +refs/heads/*:refs/remotes/tokenorigin/* [branch "main"] remote = tokenorigin merge = refs/heads/main [branch "dev"] remote = tokenorigin merge = refs/heads/dev [remote "origin"] url = git@gitlab.wings-ict-solutions.dev:wingspark-plus/wingsparkplus-platform/wingsparkplus-frontend.git fetch = +refs/heads/*:refs/remotes/origin/*