listing.php in WebSVN 2.0 and possibly 1.7 beta, when using an SVN authz file, allows remote authenticated users to read changelogs or diffs for restricted projects via a modified repname parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Websvn | Tigris | 2.0 (including) | 2.0 (including) |