The following URL (usually /.git/config
) is publicly accessible and is leaking source code and repository configuration.
Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.
Severity: critical
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65222cc0941f
[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] fetch = +refs/heads/*:refs/remotes/origin/* url = https://grogacki:Polska1%403@gitlab.com/grogacki/bilety-ack.git [branch "master"] remote = origin merge = refs/heads/master
The following URL (usually /.git/config
) is publicly accessible and is leaking source code and repository configuration.
Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.
Severity: critical
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65222cc0941f
[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] fetch = +refs/heads/*:refs/remotes/origin/* url = https://grogacki:Polska1%403@gitlab.com/grogacki/bilety-ack.git [branch "master"] remote = origin merge = refs/heads/master